Hi Clark,
On Mon, Mar 27, 2017 at 04:19:42PM +, System Administration Team wrote:
> Fraser,
>
> I cannot pass the DN or CN as part of the subject on the command line
> ipa-server-install
>
> Ipa-server-install appears to set the CN to 'Certificate Authority' from the
> openssl output.
>
On 03/27/2017 06:19 PM, System Administration Team wrote:
> [root@ipa certs]# openssl req -in /root/ipa.csr -noout -text
> Certificate Request:
> Data:
> Version: 0 (0x0)
> Subject: mail=, C=US, ST=Mississippi, L=Starkville,
> O=Camgian Microsystems, OU=IT, CN=Certificate
Fraser,
I cannot pass the DN or CN as part of the subject on the command line
ipa-server-install
Ipa-server-install appears to set the CN to 'Certificate Authority' from the
openssl output. I believe the preferred for a subCA should be the FQDN of
the subCA server which is the ipa
On Fri, Mar 24, 2017 at 03:26:31PM +, System Administration Team wrote:
> >From old threads back in August 2016 I have been able to get closer to
> >installing freeipa server as a subCA to our in house rootCA
>
> https://www.redhat.com/archives/freeipa-users/2016-August/msg00269.html
>
>
>From old threads back in August 2016 I have been able to get closer to
>installing freeipa server as a subCA to our in house rootCA
https://www.redhat.com/archives/freeipa-users/2016-August/msg00269.html
Running the initial install command
ipa-server-install --external-ca --domain=camgian.com
