[Freeipa-users] using dogtag outside of freeIPA?
Dmitri Pal
dpal at redhat.com
Fri Mar 27 20:57:52 UTC 2015
On 03/27/2015 04:52 PM, Steve Neuharth wrote:
> Hello,
>
> Is it possible or perhaps not recommended to use the dogtag API and/or
> UI on a FreeIPA system without using the freeIPA CLI or UI? I have a
> requirement to submit a certificate to a service without kerberos and
> without client software installed using a RESTful API. Dogtag API is
> very well documented and I do not want to associate all my
> certificates with a Kerberos principal because it adds complexity to
> the cert signing process. I just need to sign a cert without the
> FreeIPA overhead.
>
> I tried to get to the Dogtag web UI through the url
> http://ipa.example.com/ca/ee/ca but I get an unauthenticated web page
> (no password prompt) and broken image links. This tells me that
> perhaps the Dogtag UI in a FreeIPA installation is not meant to be
> used without FreeIPA. Is that correct?
>
> I know this is a weird use case and not necessarily a FreeIPA problem
> but if someone could advise, I'd greatly appreciate it.
For now you should use Dogtag by itself for this use case without IPA.
We are working on making it easier for this use case to be possible via
IPA but it is not there yet.
> --steve
>
>
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150327/fbbb8bcd/attachment.htm>
More information about the Freeipa-users
mailing list