Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Joseph Timothy Foley wrote: Hi Rob. You are right that I should be able to just update it on our second server. What happened was I was trying to see if the certificate would work on the install process since I couldn't figure out the renewal. This did not work, which is why I just sent out an

Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Joseph Timothy Foley wrote: Hi Rob. To add to this mess, I seem to have somehow confused the LDAP certificate configuration in the process of setting up a replicant (ipa.cs.ru.is) with my new StartSSL (personal) certificate. The previous certificate was a corporate Level2 certificate. Trying

Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Joseph Timothy Foley wrote: I just discovered that the certificate on ipa2.cs.ru.is is good to August, so I have a little bit of breathing room. That said, the ipa.cs.ru.is certificate will expire on March 23, so I need to update it. The process to get a new cert is pretty much the same as

Re: [Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

I just discovered that the certificate on ipa2.cs.ru.is is good to August, so I have a little bit of breathing room. That said, the ipa.cs.ru.is certificate will expire on March 23, so I need to update it. -- Dr. Joseph T. Foley Assistant Professor, Reykjavik University

[Freeipa-users] Renewing an externally signed HTTP/LDAP certificate

Hi there. I setup an IPA4.2.0 on RHEL7 service for our CS department on ipa.cs.ru.is(temporarily down) and ipa2.cs.ru.is I used StartSSL to sign our certificate for HTTP and LDAP usage because I didn't want our users to deal with the internal CA nor could we get the CA certificate signed. Problem