subject:"\[Freeipa\-users\] Let's Encrypt SSL pkscs 12 problem notes anyone. CENTOS 7 FreeIPA install"

Re: [Freeipa-users] Let's Encrypt SSL pkscs 12 problem notes anyone. CENTOS 7 FreeIPA install

2016-04-21 Thread Martin Kosek

On 04/21/2016 11:22 AM, Branko Quenode wrote:
> Hi ,
> 
> I am trying to install freeipa with centos and Let's Encrypt SSL.
> 
> I create lets-encrypt with webroot option.
> 
> Then i did
> 
> cat privkey.pem fullchain.pem > /root/key.pem
> 
> openssl pkcs12 -export -in /root/key.pem  -out ipa.pkcs12 -name 
> "ipa.somedomain.com "
> 
> 
> ipa-server-install --ip-address= 
>   --http_pkcs12=/etc/letsencrypt/live/ipa.somedomein.com/ipa.pkcs12 
>  
> --dirsrv_pkcs12=/etc/letsencrypt/live/ipa.somedomain.com/ipa.pkcs12 
>  
> --root-ca-file=/etc/letsencrypt/live/ipa.somedomain.com/fullchain.pem 
> 
> 
> I got error
> ipa.ipapython.install.cli.install_tool(Server): ERRORThe full certificate 
> chain is not present in /etc/letsencrypt/live/ipa.somedomain.com/ipa.pkcs12 
> 
> 
> 
> What I am missing intermediate.crt maybe ?

Probably. Sounds like

https://www.redhat.com/archives/freeipa-users/2016-April/msg00161.html

Martin

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] Let's Encrypt SSL pkscs 12 problem notes anyone. CENTOS 7 FreeIPA install

2016-04-21 Thread Branko Quenode

Hi ,

I am trying to install freeipa with centos and Let's Encrypt SSL.

I create lets-encrypt with webroot option.

Then i did

cat privkey.pem fullchain.pem > /root/key.pem

openssl pkcs12 -export -in /root/key.pem  -out ipa.pkcs12 -name "
ipa.somedomain.com"


ipa-server-install --ip-address=  --http_pkcs12=/etc/letsencrypt/live/
ipa.somedomein.com/ipa.pkcs12 --dirsrv_pkcs12=/etc/letsencrypt/live/
ipa.somedomain.com/ipa.pkcs12 --root-ca-file=/etc/letsencrypt/live/
ipa.somedomain.com/fullchain.pem

I got error
ipa.ipapython.install.cli.install_tool(Server): ERRORThe full
certificate chain is not present in /etc/letsencrypt/live/
ipa.somedomain.com/ipa.pkcs12


What I am missing intermediate.crt maybe ?

Thank you.
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Let's Encrypt SSL pkscs 12 problem notes anyone. CENTOS 7 FreeIPA install

[Freeipa-users] Let's Encrypt SSL pkscs 12 problem notes anyone. CENTOS 7 FreeIPA install

2 matches

Site Navigation

Mail list logo

Footer information