[Freeipa-users] services and openSSL and stuff
Dmitri Pal
dpal at redhat.com
Thu Apr 24 20:54:29 UTC 2014
On 04/24/2014 03:24 PM, Andrew Holway wrote:
> Hello,
>
> I would like to use freeipa CA to manage certs for our organisation.
> In testing this out I have created an SSL key with the following.
>
> openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
>
> This CSR I pasted into the service certificate UI and have a tick next
> to "Valid Certificate Present" however I am a little unsure where to
> go from here.
>
> I assume I need to install a signed certificate with ipa-getcert
> request or so but, as my understanding of ssl is so terrible, I am
> unsure how to proceed.
>
> Please help!
>
> Ta
>
> Andrew
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
What are the certs for?
If they are for systems and services you might make you life simpler by
using certmonger on the system where your service will be running.
Assuming it is fedora, RHEL, CentOS and such (not sure about Debian and
Ubuntu, they might have certmonger too) you install ipa-client and it
will configure certmonger to use IPA. See certmonger man pages to get
the certs for the services.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
More information about the Freeipa-users
mailing list