[Freeipa-users] Certs.
Rob Crittenden
rcritten at redhat.com
Thu Sep 11 00:56:16 UTC 2014
Dmitri Pal wrote:
> On 09/10/2014 07:57 PM, William Graboyes wrote:
> Hi Dmitri,
>
> Production Environment is going to be RH 6.5, We are still evaluating
> the usage of systemd. More like we are taking a wait and see approach
> to to systemd, while actively testing it.
>> The command line options for chaining are there from day one.
>> So you would need to chain your production environment when you deploy it.
>> In future when you migrate to later versions (in couple of years or so)
>> you will be able to change the chaining using the new tools. Right now
>> it is a vary hard multi step manual procedure. This is why we developed
>> the tool.
>> But you should be all set for now. You would not need to change anything
>> for several years.
I also think we need to understand what you mean by replace the certs.
Do you just want to replace the web and ldap certs, and never need to
use any IPA-issued certificates or at you looking to replace the entire CA?
rob
More information about the Freeipa-users
mailing list