I've seen that you can import a CA signed certificate into freeipa. Normally, with fedora directory server, you would generate a CSR using the Certificate Request Wizard and them import the signed certificate. Are there any instructions on generating a CSR for use with freeipa?