On 05/15/17 16:44, Rob Crittenden wrote:
>
> I'm confused. You mention replacing some "externally signed certificate"
> and yet then ask switching to externally signed certificates. What is
> the current configuration? What is signing the existing server certs? Or
> do you have an external CA
Harald Dunkel wrote:
> Hi folks,
>
> I have to renew (or replace) the externally signed certificate
> on my ipa servers using a new ca. Apparently the tool of choice
> is ipa-cacert-manage.
>
> Of course I found https://www.freeipa.org/page/Howto/CA_Certificate_Renewal.
> Problem is, I cannot
Hi folks,
I have to renew (or replace) the externally signed certificate
on my ipa servers using a new ca. Apparently the tool of choice
is ipa-cacert-manage.
Of course I found https://www.freeipa.org/page/Howto/CA_Certificate_Renewal.
Problem is, I cannot estimate the risk and if its worth the