Forgot to add.
After some digging I saw the CA needed to be added to the nssdbs
I've added the CA cert to:
[root@ipa02 ipa02]# certutil -A -d /etc/pki/nssdb -n 'NewCA' -t CT,C,C -a
-i fullchain.pem
[root@ipa02 ipa02]# certutil -A -d /etc/httpd/alias -n 'NewCA' -t CT,C,C -a
-i fullchain.pem
Hi,
We've recently tried to change our https web certs for our IPA servers
following the instructions listed here:
https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
The web gui is successfully using https now, however we are having several
other problems.
Enrollment now