I might as well write this down here :)
I have found this mechanism works:
On the service machine:
- openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
# a common name must be entered here which is the hostname
In the IPA interface:
- Services
- Add
- HTTP/servi
> There are also some good docs and examples in the certmonger git repo in
> docs folder and here.
> http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/certmongerX.html
Hi,
The docs seem to explain quite well how to request a certificate but
not how to actually issue a certificate.
On 04/25/2014 03:57 AM, Andrew Holway wrote:
What are the certs for?
At the moment for a third party application however we would like to
issue our own certs for everything SSL such as LDAPs or OpenVPN. It is
quite a powerful feature to be able to install an organisations root
key on a clients m
> What are the certs for?
At the moment for a third party application however we would like to
issue our own certs for everything SSL such as LDAPs or OpenVPN. It is
quite a powerful feature to be able to install an organisations root
key on a clients machine and then be able to bosh out certs at
On 04/24/2014 03:24 PM, Andrew Holway wrote:
Hello,
I would like to use freeipa CA to manage certs for our organisation.
In testing this out I have created an SSL key with the following.
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
This CSR I pasted into the ser
Hello,
I would like to use freeipa CA to manage certs for our organisation.
In testing this out I have created an SSL key with the following.
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
This CSR I pasted into the service certificate UI and have a tick next
to "Va