[Freeipa-users] Installing Using Existing Certificate
Benjamin Reed
ranger at opennms.org
Tue Sep 6 16:35:58 UTC 2011
On 9/6/11 12:21 PM, Benjamin Reed wrote:
> On 9/6/11 11:56 AM, Benjamin Reed wrote:
>> ...is the issue that I really need a *.opennms.com certificate, or that
>> I need to make my domain/realm "connect.opennms.com" ?
>
> Actually, I just tried this (making the hostname *and* the domain
> "connect.opennms.com") and it still bombs with the same error. I must
> be missing something else.
>
OK, I think I see what I could do differently. It seems I really need
to use the --external-ca method of setting up the server, except I've
already created a csr and received a certificate back from geotrust.
How do I short-circuit the first-half (--external-ca) part of the
install so I can pass in my certificate and ca chain for the second
half? (--external_cert_file and --external_ca_file)
Sorry for the newbie questions, it appears my real issue is I got the
certificate before seeing that FreeIPA sets things up by generating it's
own CSR.
--
Benjamin Reed
The OpenNMS Group
http://www.opennms.org/
More information about the Freeipa-users
mailing list