On 02/12/2015 03:46 AM, marcin kowalski wrote:
> What is your reasoning for setting up your own CA configuration? Why not
just use either ipa-getcert or getcert -c IPA?
I am not yet familiar with the entire setup enough to give a good
answer. I assume that requires full freeIPA setup, which i d
> What is your reasoning for setting up your own CA configuration? Why not
just use either ipa-getcert or getcert -c IPA?
I am not yet familiar with the entire setup enough to give a good answer. I
assume that requires full freeIPA setup, which i don't really need.
I just wanted a simplistic dogt
marcin kowalski wrote:
> |Edit: i acceditanlly forgot to send copy to the list, so resubmitting.
>
>
> I tried this command :
>
> getcert request -c dogtag-ipa -f /etc/pki/testcert -k /etc/pki/testkey
> -N "cn=mywebserver"
>
> i've setup the 'dogtag-ipa' ca in certmonger like so :
>
> id=dogta
On Wed, Feb 11, 2015 at 10:04:42AM +0100, marcin kowalski wrote:
> I forgot to add - usually removing the "-v" bit in ca external helper
> definition produces the aforementioned 'rejected by CA' message, instead of
> verbose output.
Ah. Yes, the verbose output goes to stdout, where it confuses th
I forgot to add - usually removing the "-v" bit in ca external helper
definition produces the aforementioned 'rejected by CA' message, instead of
verbose output.
2015-02-11 10:00 GMT+01:00 marcin kowalski :
> Edit: i acceditanlly forgot to send copy to the list, so resubmitting.
>
>
> I tried thi
Edit: i acceditanlly forgot to send copy to the list, so resubmitting.
I tried this command :
getcert request -c dogtag-ipa -f /etc/pki/testcert -k /etc/pki/testkey -N
"cn=mywebserver"
i've setup the 'dogtag-ipa' ca in certmonger like so :
id=dogtag-ipa
ca_aka=Dogtag (IPA,renew,agent) (certmon
On 02/10/2015 12:35 PM, marcin kowalski wrote:
Hi all, i'm getting dogtag figured out slowly, and i noticed one odd
thing.
I've setup certmonger to request an arbitrary certificate through
dogtag, and while the request seems to go into the dogtag system,
certmonger acts as if communication wi
Hi all, i'm getting dogtag figured out slowly, and i noticed one odd thing.
I've setup certmonger to request an arbitrary certificate through dogtag,
and while the request seems to go into the dogtag system, certmonger acts
as if communication with the CA failed. The certificate is considered in
n