Hi folks,
Instead of a self-signed certificate I would like to use an external
CA to sign freeipa's CSR ("ipa-server-install --external-ca").
Question:
Is pathlen:0, e.g.
basicConstraints=critical,CA:TRUE, pathlen:0
sufficient for freeipa's CA certificate?
Regards
Harri