[Freeipa-users] Adding external CA
crony
leszek.mis at gmail.com
Thu Mar 12 11:48:45 UTC 2015
Thank you David, I'll check it out.
2015-03-12 12:36 GMT+01:00 David Kupka <dkupka at redhat.com>:
> On 03/12/2015 10:37 AM, crony wrote:
>
>> Hi FreeIPA Users,
>> I have a fresh new FreeIPA 4.1 on RHEL7.1 with self-sign CA and I would
>> like to change the self-sign CA to the external CA
>>
>> Do you have any step by step document for do it correctly on 4.1 version?
>>
>> /lm
>>
>>
>>
>>
> Hello!
>
> I'm not aware of this being documented but fortunately this can be done in
> 3 easy steps:
>
> 1. # ipa-cacert-manage renew --external-ca
> 2. Let CA of your choice sing the CRL produced in step 1.
> 3. # ipa-cacert-manage renew --external-cert-file=/path/to/signed_certificate
> --external-cert-file=/path/to/external_ca_certificate
>
> --
> David Kupka
>
--
Pozdrawiam Leszek Miś
www: http://cronylab.pl
www: http://emerge.pl
Nothing is secure, paranoia is your friend.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150312/187d054f/attachment.htm>
More information about the Freeipa-users
mailing list