[Freeipa-users] yet another certificate question

Natxo Asenjo natxo.asenjo at gmail.com
Thu Oct 9 12:33:48 UTC 2014


if during the enrollment of a host a host certificate is created, then
this will be a nssdb type certificate.

However, lots of applications use file certificates and we can very
easily create one of those (even using configuration management

/usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname
--fqdn`.crt -k /etc/pki/tls/private/`hostname --fqdn`.key

getcert list will see both, but in the ipa web interface in the host
information only the last one will be shown.

Is this a problem?


More information about the Freeipa-users mailing list