On Thu, May 25, 2017 at 01:39:46PM +0200, Günther J. Niederwimmer via
FreeIPA-users wrote:
> Hello,
>
> after the mistake with Startcom CA (Class 3), now I look for a new
> Certificate..
>
> Is it possible and functional to install a Letsencrypt CA on a IPA-Server?
>
> I have found a script
Hey Guys,
Centos7.3
FreeIPA 4.4.0
I'm having a strange issue with cross-realm tickets that I'm having a hard time
troubleshooting. it looks similar to an issue posted back in 2014.
https://www.redhat.com/archives/freeipa-users/2014-October/msg00207.html but
this routes file seems to
Jason Sherrill via FreeIPA-users wrote:
> Opened in incognito, same error: "An error occurred: an invalid token
> was found."
It's hard to say, it works for me though.
I'll ping the FAS maintainer and see what I can find out.
rob
>
> On Thu, May 25, 2017 at 12:12 PM, Martin Bašti
On Thu, 25 May 2017, Fraser Tweedale wrote:
This is not correct. The CA cert must be valid for the leaf cert to
be valid, but the CA cert *can* be renewed without requiring leaf
certificates to be reissued. So long as the following conditions
are met, everything will be fine:
1. The CA's key
On Mon, 2017-05-22 at 10:17 +, doug.ke...@wipro.com wrote:
> Hi,
>
>
> I'm wondering if anyone else has done something similar to us, and if so am
> wondering how you went about it or if it is indeed at all possible.
>
>
> Our situation is:
>
>
> * We have a few VMs which are domain
On Tue, 2017-05-23 at 13:07 -0400, Chris Apsey via FreeIPA-users wrote:
> All,
>
> We use freeIPA as the LDAP backend for OpenStack Keystone, GitLab, and a
> few other things. We have been looking for a way to keep track of the
> last time a user logged on, and the obvious answer seems to be
I successfully logged-in, but encountered some issues. While using Chrome
on http://www.freeipa.org/page/Special:OpenIDLogin, clicking the
*Fedora *button
and then the *Login/create account with OpenID* button initially loaded a
completely empty page and, after reloading, displayed an error. I
Günther,
The script from github works fine
(https://github.com/freeipa/freeipa-letsencrypt). We use it in production
on CentOS 7. Keep in mind the script by will only configure the
certificate for the web ui, and not LDAP/s. You will need a separate
process for that.
Chris
On May 25,
Hi,
Instead of using the Let’s Encrypt thing on the IPA server itself, I often just
use it on a reverse proxy. This way the end-users see the verified CA and
FreeIPA can keep doing it’s business.
I tried to use ACME on the IPA server in the past, but it wasn’t very well
integrated and caused
Hello,
after the mistake with Startcom CA (Class 3), now I look for a new
Certificate..
Is it possible and functional to install a Letsencrypt CA on a IPA-Server?
I have found a script on "github" to install a Letsencript CA for FreeIPA
(fedora), but can any tell me is this working with
Hello,
could you please log in to wiki page, we can add permissions after
initial login.
Martin
On 24.05.2017 16:39, Jason Sherrill via FreeIPA-users wrote:
I would like to post the procedure that I used for configuring OS X
10.12 for use with IPA. My fedora account is
On Thu, May 25, 2017 at 01:34:16AM -0400, Rob Foehl via FreeIPA-users wrote:
> I've got a test instance of FreeIPA 4.4.4 running on F25 that was installed
> with --external-ca, and the resulting CSR signed with a validity period of
> 30 days to test behavior around expirations.
>
> Upon booting
12 matches
Mail list logo