[Freeipa-users] Multiple CA certificates (for PassSync)
Rob Crittenden
rcritten at redhat.com
Thu Jul 9 13:23:14 UTC 2015
Joseph, Matthew (EXP) wrote:
> Hello,
>
> We are currently in the process of replacing our IdM 3.x server with 4.x.
>
> There are going to be some major directory changes during the upgrade so
> I need to keep both the old and new IdM servers up and running separately.
>
> Part of our configuration is using the password sync between IdM and
> Active Directory.
>
> I can’t find any information on this so I figured I’d ask you guys to
> see if anyone has done this before.
>
> Can I have two CA certificates from 2 IdM servers installed on the
> Active Directory server? And will this cause any issues with our
> password sync?
I'm not sure if you can do this. The CA is probably the least of your
problems. I don't believe the AD passsync service can be aware of
multiple consumers like this.
Rich may know.
rob
More information about the Freeipa-users
mailing list