[Freeipa-users] can't specify DNS name or subject in cert request in FreeIPA 3.3
Steve Neuharth
steve at sylvation.com
Thu Mar 26 18:09:53 UTC 2015
I'm trying to specify a subject name in a cert request like this:
ipa-getcert request -K HTTP/web.test.org -N *cn=www.test.org
<http://www.test.org>,o=TEST.ORG <http://TEST.ORG>* -f /tmp/webserver.crt
-k /tmp/webprivate.key -r
or like this
ipa-getcert request -K HTTP/web.test.org -D www.test.org -f
/tmp/webserver.crt -k /tmp/webprivate.key -r
The resulting certificate, however, just has the hostname of the server
like this:
Request ID '20150326060555':
status: MONITORING
stuck: no
key pair storage: type=FILE,location='/tmp/webprivate.key'
certificate: type=FILE,location='/tmp/webserver.crt'
CA: IPA
issuer: CN=Certificate Authority,O=TEST.ORG
subject: *CN=web.test.org <http://web.test.org>,O=TEST.ORG
<http://TEST.ORG>*
expires: 2017-03-26 05:46:29 UTC
key usage:
digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
eku: id-kp-serverAuth,id-kp-clientAuth
pre-save command:
post-save command:
track: yes
auto-renew: yes
Is this a bug or am I doing something wrong in certmonger?
--steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150326/1e014baa/attachment.htm>
More information about the Freeipa-users
mailing list