On Thu, Sep 29, 2016 at 10:03:08PM -0400, beeth beeth wrote:
> Thanks Florence and Rob! The replica worked after adding the certs during
> the replica preparation.
>
> Now I got several IPA clients installed with user authentication(ssh login
> with the users in IPA) working after some work.
Thanks Florence and Rob! The replica worked after adding the certs during
the replica preparation.
Now I got several IPA clients installed with user authentication(ssh login
with the users in IPA) working after some work. However, one of them failed
during login with the following messages in
On 09/29/2016 02:12 PM, Rob Crittenden wrote:
beeth beeth wrote:
Hi Florence,
I previously tried option a) and failed(need to find out why later), but
I was able to successfully reinstall the server and the client with
option b), thanks a lot! So when it says "Installing Without a CA", it
beeth beeth wrote:
Hi Florence,
I previously tried option a) and failed(need to find out why later), but
I was able to successfully reinstall the server and the client with
option b), thanks a lot! So when it says "Installing Without a CA", it
means without a "embeded CA"(the IPA's own CA), is
Hi Florence,
I previously tried option a) and failed(need to find out why later), but I
was able to successfully reinstall the server and the client with option
b), thanks a lot! So when it says "Installing Without a CA", it means
without a "embeded CA"(the IPA's own CA), is that right?
Another
ers-boun...@redhat.com> on
behalf of Florence Blanc-Renaud <f...@redhat.com>
Sent: Thursday, September 29, 2016 6:03 AM
To: beeth beeth
Cc: Freeipa-users
Subject: Re: [Freeipa-users] Install IPA Servers with third-party
certificate(external CA)
On 09/29/2016 11:43 AM, beeth beet
On 09/29/2016 11:43 AM, beeth beeth wrote:
Thanks for the quick response Florence!
My goal is the use a 3rd party certificate(such as Verisign cert) for
Web UI(company security requirement), in fact we are not required to use
3rd party certificate for the LDAP server, but as I mentioned
Ok, I will try out the "2.3.6. Installing Without a CA", and keep you
posted.
BTW, I noticed that the key needs to be encrypted, is that true?
Thanks!
On Thu, Sep 29, 2016 at 5:25 AM, Florence Blanc-Renaud
wrote:
> Hi,
>
> The instructions that you followed are used when you
Thanks for the quick response Florence!
My goal is the use a 3rd party certificate(such as Verisign cert) for Web
UI(company security requirement), in fact we are not required to use 3rd
party certificate for the LDAP server, but as I mentioned earlier, I
couldn't make the new Verisign cert to
Also, I once followed the instruction about "Using 3rd part certificates
for HTTP/LDAP" at
https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP,
for my environment: IPA 4.2 on RHEL7
# ipa-cacert-manage -p DM_PASSWORD -n NICKNAME -t C,, install ca.crt
# ipa-certupdate
#
Hi,
The instructions that you followed are used when you want to install
FreeIPA with an embedded Certificate Authority (ie FreeIPA is able to
issue certificates), and FreeIPA CA is signed by a 3rd party CA.
Maybe your goal is just to use a 3rd party certificate for IPA's LDAP
server and
I am trying to set up IPA servers with Verisign certificate, so that the
Admin Web console can use public signed certificate to meet company's
security requirement. But when I try to follow Red Hat's instructions at
12 matches
Mail list logo