Re: [Freeipa-users] FreeIPA no CA: Which certs are used for LDAPS and web UI?

[Fraser Tweedale]

On Sun, Mar 26, 2017 at 10:52:56PM +, Dagan wrote:
> Hi, 
> 
> I have been asked to look at configuring our new FreeIPA environment using 
> existing externally signed wildcard SSL certificates if possible. 
> 
> I see in the documentation options to specify --dirsrv-cert-file and 
> --http-cert-file with relevant passwords. 
> 
> If we configure these options, are they used as the LDAPS and web UI SSL 
> certificates? 
>
Hi Dagan,

Yes, that is how you specify the LDAP and HTTP certificates.

> If not, are there other command options to specify those as external 
> certificates? 
> 
> Do wildcard certificates cause any problems with FreeIPA? 
> 
Wildcard certs will work fine.

Cheers,
Fraser

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] FreeIPA no CA: Which certs are used for LDAPS and web UI?

[Dagan]

Hi, 

I have been asked to look at configuring our new FreeIPA environment using 
existing externally signed wildcard SSL certificates if possible. 

I see in the documentation options to specify --dirsrv-cert-file and 
--http-cert-file with relevant passwords. 

If we configure these options, are they used as the LDAPS and web UI SSL 
certificates? 
If not, are there other command options to specify those as external 
certificates? 

Do wildcard certificates cause any problems with FreeIPA? 

Cheers, 
Dagan McGregor 

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project