[Freeipa-users] any work around for generating CSR to be signed by Microsoft AD CA?

I’m aware of the bug filed here but the work around as documented did not work: https://bugzilla.redhat.com/show_bug.cgi?id=1322963 Looking at this ticket: https://fedorahosted.org/freeipa/ticket/5799 It seems that it won’t be fixed until freeipa 4.5. Is there any workaround currently in freeipa

[Freeipa-users] freeipa 4.2.0 ipa-cacert-manage not generating CSR with CA:True for chaining

we currently have a IPA 4.2 servers working with a self-signed CA certificate with the REALM of xyz.local I’m trying chain our xyz.local CA cert with IT’s abc.local CA cert so that users on corp laptop(with the abc.local cert already in CA chain) would trust the xyz.local CA cert and not get

[Freeipa-users] freeipa 4.2.0 ipa-cacert-manage not generating CSR with CA:True for chaining

we currently have a IPA 4.2 servers working with a self-signed CA certificate with the REALM of xyz.local I’m trying chain our xyz.local CA cert with IT’s abc.local CA cert so that users on corp laptop(with the abc.local cert already in CA chain) would trust the xyz.local CA cert and not get