It's a little bit more clear. Thanks.
I have created a new ipa 4.1 replica but when I want run :
# ipa-cacert-manage renew --self-signed
I've got this message :
[root@ipa-devel-centos7 ~]# ipa-cacert-manage renew --self-signed
CA is not configured on this system
If I want to install the CA
Dne 8.4.2015 v 17:43 James James napsal(a):
It's a little bit more clear. Thanks.
I have created a new ipa 4.1 replica but when I want run :
# ipa-cacert-manage renew --self-signed
I've got this message :
[root@ipa-devel-centos7 ~]# ipa-cacert-manage renew --self-signed
CA is not configured
On 04/03/2015 11:39 AM, James James wrote:
Hello,
I want to initialize a new replica with an external CA. My Certificate
Authority wants a CSR with the field emailAddress in the subject like :
/C=FR/O=TESTO/OU=TESTOU/CN=*.example.com/emailAddress=n...@none.com
I am not a bit confused. Do
ok.
Is there a way to migrate from an external CA to a CA-less or a self-signed
CA ?
2015-04-07 12:51 GMT+02:00 Martin Kosek mko...@redhat.com:
On 04/03/2015 11:39 AM, James James wrote:
Hello,
I want to initialize a new replica with an external CA. My Certificate
Authority wants a
On 04/07/2015 01:44 PM, James James wrote:
ok.
Is there a way to migrate from an external CA to a CA-less or a self-signed
CA ?
Yes, you can use ipa-cacert-manage tool introduced in FreeIPA 4.1.0:
https://www.freeipa.org/page/Howto/CA_Certificate_Renewal
I will try to give a better explanation :
I have a CentOS 6.6 with ipa 3.0 named ipa-master. ipa-master has been
installed with an external CA about 3 years ago and I will have to renew
the certificate soon.
I have created a test server (ipa-dev) with the same configuration (centos
6.6 and ipa
On 04/07/2015 02:08 PM, James James wrote:
I will try to give a better explanation :
I have a CentOS 6.6 with ipa 3.0 named ipa-master. ipa-master has been
installed with an external CA about 3 years ago and I will have to renew
the certificate soon.
I have created a test server
Dne 7.4.2015 v 15:31 Martin Kosek napsal(a):
On 04/07/2015 02:08 PM, James James wrote:
I will try to give a better explanation :
I have a CentOS 6.6 with ipa 3.0 named ipa-master. ipa-master has been
installed with an external CA about 3 years ago and I will have to renew
the certificate