[Freeipa-users] trying to setup cert with an internal CA
Mike Calautti
Mike.Calautti at genesyslab.com
Wed Nov 6 15:27:18 UTC 2013
Hi,
We have our own in house CA>.
I ran ipa-server-install -a secret12 -r EXAMPLE.COM -P password -p secret12 -n ipaserver.example.com --external-ca
It generated ipa.csr as expected..
I used opsenssl to sign it on our internal CA. I got the .crt file..
I assume I need the private KEY that the IPA server generated when it did the install.. and I assume I need ipa-getcert command to find it?
I cant seem to find it.. I am doing this because I assume I have to combine the CA files into a chain file and convert them to .p12 format?
This is on
Linux rdsdev01.com 3.4.61-9.el6.centos.alt.x86_64 #1 SMP Wed Sep 11 15:34:17 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
cat /etc/redhat-release
CentOS release 6.4 (Final)
rpm -qav|grep -i ipa
ipa-python-3.0.0-26.el6_4.4.x86_64
ipa-server-selinux-3.0.0-26.el6_4.4.x86_64
ipa-pki-ca-theme-9.0.3-7.el6.noarch
libipa_hbac-1.9.2-82.10.el6_4.x86_64
libipa_hbac-python-1.9.2-82.10.el6_4.x86_64
ipa-client-3.0.0-26.el6_4.4.x86_64
ipa-server-3.0.0-26.el6_4.4.x86_64
ipa-pki-common-theme-9.0.3-7.el6.noarch
ipa-admintools-3.0.0-26.el6_4.4.x86_64
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20131106/d4c0e4b4/attachment.htm>
More information about the Freeipa-users
mailing list