Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-30 Thread Jakub Hrozek
On Thu, Sep 29, 2016 at 10:03:08PM -0400, beeth beeth wrote:
> Thanks Florence and Rob! The replica worked after adding the certs during
> the replica preparation.
>
> Now I got several IPA clients installed with user authentication (ssh login
> with the users in IPA) working after some work.

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread beeth beeth
Thanks Florence and Rob! The replica worked after adding the certs during the replica preparation. Now I got several IPA clients installed with user authentication (ssh login with the users in IPA) working after some work. However, one of them failed during login with the following messages in

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread Florence Blanc-Renaud
On 09/29/2016 02:12 PM, Rob Crittenden wrote: beeth beeth wrote: Hi Florence, I previously tried option a) and failed (need to find out why later), but I was able to successfully reinstall the server and the client with option b), thanks a lot! So when it says "Installing Without a CA", it

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread Rob Crittenden
beeth beeth wrote: Hi Florence, I previously tried option a) and failed (need to find out why later), but I was able to successfully reinstall the server and the client with option b), thanks a lot! So when it says "Installing Without a CA", it means without an "embedded CA" (the IPA's own CA), is

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread beeth beeth
Hi Florence, I previously tried option a) and failed (need to find out why later), but I was able to successfully reinstall the server and the client with option b), thanks a lot! So when it says "Installing Without a CA", it means without an "embedded CA" (the IPA's own CA), is that right? Another

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread Deepak Dimri
ers-boun...@redhat.com> on behalf of Florence Blanc-Renaud <f...@redhat.com> Sent: Thursday, September 29, 2016 6:03 AM To: beeth beeth Cc: Freeipa-users Subject: Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA) On 09/29/2016 11:43 AM, beeth beet

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread Florence Blanc-Renaud
On 09/29/2016 11:43 AM, beeth beeth wrote: Thanks for the quick response Florence! My goal is to use a 3rd party certificate (such as Verisign cert) for Web UI (company security requirement), in fact we are not required to use 3rd party certificate for the LDAP server, but as I mentioned

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread beeth beeth
Ok, I will try out the "2.3.6. Installing Without a CA", and keep you posted. BTW, I noticed that the key needs to be encrypted, is that true? Thanks!
On Thu, Sep 29, 2016 at 5:25 AM, Florence Blanc-Renaud wrote:
> Hi,
>
> The instructions that you followed are used when you

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread beeth beeth
Thanks for the quick response Florence! My goal is to use a 3rd party certificate (such as Verisign cert) for Web UI (company security requirement), in fact we are not required to use 3rd party certificate for the LDAP server, but as I mentioned earlier, I couldn't make the new Verisign cert to

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread beeth beeth
Also, I once followed the instruction about "Using 3rd part certificates for HTTP/LDAP" at https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP, for my environment: IPA 4.2 on RHEL7
# ipa-cacert-manage -p DM_PASSWORD -n NICKNAME -t C,, install ca.crt
# ipa-certupdate
#

Re: [Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread Florence Blanc-Renaud
Hi, The instructions that you followed are used when you want to install FreeIPA with an embedded Certificate Authority (i.e. FreeIPA is able to issue certificates), and FreeIPA CA is signed by a 3rd party CA. Maybe your goal is just to use a 3rd party certificate for IPA's LDAP server and

[Freeipa-users] Install IPA Servers with third-party certificate(external CA)

2016-09-29 Thread beeth beeth
I am trying to set up IPA servers with a Verisign certificate, so that the Admin Web console can use a publicly signed certificate to meet the company's security requirement. But when I try to follow Red Hat's instructions at