[Freeipa-users] trust non-IPA certificate client
Rob Crittenden
rcritten at redhat.com
Fri Jan 2 18:02:33 UTC 2015
Stephen Ingram wrote:
> On Mon, Dec 15, 2014 at 6:40 PM, Stephen Ingram <sbingram at gmail.com
> <mailto:sbingram at gmail.com>> wrote:
>
> I have one client using a certificate issued by a third party
> provider such that any secure (TLS) LDAP queries are refused since
> the certificates were not issued by IPA. Since there are only a few
> clients with foreign certificates, can the CA simply be added to the
> NSS database used by the 389 directory server so IPA will establish
> a secure connection with them?
>
>
> I should have added, "or do I have to somehow add the certificate to the
> IPA directory?"
Need a little more context here. IPA doesn't use SSL client
authentication so it shouldn't be an issue. Can you provide more details
on what the client side is doing and what errors you are seeing?
rob
More information about the Freeipa-users
mailing list