[Freeipa-users] Installing a new Cert
Chris Whittle
cwhittl at gmail.com
Mon Aug 25 13:45:13 UTC 2014
I found this but I think it's just IPA certs?
http://www.freeipa.org/page/V4/CA_certificate_renewal
Basically I want to use my existing wildcard cert for https and ldaps...
I did this on my 3.3 install on CentOS but now I'm on a 4 install on Fedora
Core.
Any help would be more than appreciated!
Thanks!
On Mon, Aug 25, 2014 at 6:24 AM, Chris Whittle <cwhittl at gmail.com> wrote:
> I have 4 installed and I get it when I try to generate the pk12
> On Aug 25, 2014 3:50 AM, "Jan Cholasta" <jcholast at redhat.com> wrote:
>
>> Hi,
>>
>> Dne 25.8.2014 v 03:04 Chris Whittle napsal(a):
>>
>>> Trying to do this
>>> http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
>>>
>>> And I keep getting "Error unable to get local issuer certificate getting
>>> chain."
>>>
>>
>> Where are you getting this error? ipa-server-certinstall, or httpd, or
>> somewhere else?
>>
>> What version of ipa do you have installed?
>>
>>
>>> I'm wondering if it's because of this from the doc
>>> "The certificate in mysite.crt must be signed by the CA used when
>>> installing FreeIPA."
>>> but it might not either...
>>>
>>
>> In this case you should get a "file.p12 is not signed by /etc/ipa/ca.crt,
>> or the full certificate chain is not present in the PKCS#12 file" error in
>> ipa-server-certinstall.
>>
>>
>>> Any ideas?
>>>
>>>
>>>
>> Honza
>>
>> --
>> Jan Cholasta
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140825/1b249d90/attachment.htm>
More information about the Freeipa-users
mailing list