[Freeipa-users] Common Name for the ipa-cacert-manage command
Rob Crittenden
rcritten at redhat.com
Tue Apr 21 21:55:45 UTC 2015
William Graboyes wrote:
> Hi List,
>
> I am having yet another issue, when I run the following command:
> ipa-cacert-manage renew --external-ca
>
> It does output the CSR, however the CN is not a valid name
> (Certificate Authority). Is it possible to change the output of this
> command to use an external CA that requires a proper common name to be
> in the CSR?
>
> What I am trying to do is change from the internal self signed certs
> to an external CA signing system.
>
What isn't valid about the name?
This would make the IPA CA a subordinate of the external CA. Is that
what you want?
rob
More information about the Freeipa-users
mailing list