What is your reasoning for setting up your own CA configuration? Why not
just use either ipa-getcert or getcert -c IPA?
I am not yet familiar with the entire setup enough to give a good answer. I
assume that requires full freeIPA setup, which i don't really need.
I just wanted a simplistic
On 02/12/2015 03:46 AM, marcin kowalski wrote:
What is your reasoning for setting up your own CA configuration? Why not
just use either ipa-getcert or getcert -c IPA?
I am not yet familiar with the entire setup enough to give a good
answer. I assume that requires full freeIPA setup, which i
Edit: i acceditanlly forgot to send copy to the list, so resubmitting.
I tried this command :
getcert request -c dogtag-ipa -f /etc/pki/testcert -k /etc/pki/testkey -N
cn=mywebserver
i've setup the 'dogtag-ipa' ca in certmonger like so :
id=dogtag-ipa
ca_aka=Dogtag (IPA,renew,agent)
I forgot to add - usually removing the -v bit in ca external helper
definition produces the aforementioned 'rejected by CA' message, instead of
verbose output.
2015-02-11 10:00 GMT+01:00 marcin kowalski yoshi...@gmail.com:
Edit: i acceditanlly forgot to send copy to the list, so resubmitting.
On 02/10/2015 12:35 PM, marcin kowalski wrote:
Hi all, i'm getting dogtag figured out slowly, and i noticed one odd
thing.
I've setup certmonger to request an arbitrary certificate through
dogtag, and while the request seems to go into the dogtag system,
certmonger acts as if communication
Hi all, i'm getting dogtag figured out slowly, and i noticed one odd thing.
I've setup certmonger to request an arbitrary certificate through dogtag,
and while the request seems to go into the dogtag system, certmonger acts
as if communication with the CA failed. The certificate is considered in
