[Freeipa-users] Replace Self-Signed Cert

quest monger quest.monger at gmail.com
Mon Oct 13 19:39:21 UTC 2014


I found some documentation for getting certificate signed by external CA
(2.3.3.2. Using Different CA Configurations) -
http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/creating-server.html

But looks like those instructions apply to a first time fresh install, not
for upgrading an existing install.



On Mon, Oct 13, 2014 at 3:24 PM, quest monger <quest.monger at gmail.com>
wrote:

> I was told by my admin team that Self-signed certs pose a security risk.
>
>
> On Mon, Oct 13, 2014 at 3:17 PM, Rob Crittenden <rcritten at redhat.com>
> wrote:
>
>> quest monger wrote:
>> > Hello All,
>> >
>> > I installed FreeIPA server on a CentOS host. I have 20+ Linux and
>> > Solaris clients hooked up to it. SSH and Sudo works on all clients.
>> >
>> > I would like to replace the self-signed cert that is used on Port 389
>> > and 636.
>> >
>> > Is there a way to do this without re-installing the server and clients.
>>
>> Why do you want to do this?
>>
>> rob
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141013/e32e5b2c/attachment.htm>


More information about the Freeipa-users mailing list