[Freeipa-users] Problem installing external SSL Certificate
Dewangga Bachrul Alam
dewanggaba at xtremenitro.org
Wed May 20 02:28:47 UTC 2015
This is the verbose log, tried to convert them to p12 format (dont know
it's right or not), still no luck.
http://fpaste.org/223608/88775143/raw/
Ref: http://www.redhat.com/archives/freeipa-users/2014-August/msg00338.html
Any additional hints?
On 05/19/2015 08:30 PM, Dewangga Bachrul Alam wrote:
> Hello!
>
> I was build FreeIPA 4.1.4 on CentOS 7.1, the deployment was done, but
> could I changes the HTTP and dirsv certificate? I have wildcard
> certificate (thawte SSL CA - G2). It is compatible for FreeIPA (http and
> dirsv)?
>
> I've tried to follow the instruction
> https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
> but no luck.
>
> $ ipa-server-certinstall -wd mydomain.co.id.key \
> mydomain.co.id-bundled.crt
>
> Directory Manager password:
>
> Enter private key unlock password:
>
> The full certificate chain is not present in mydomain.co.id.key,
> mydomain.co.id-bundled.crt
>
> FYI, mydomain.co.id-bundled.crt chain have SIGNED then INTERMEDIATE
> certificate order. (2 chain)
>
> I've tried to bundling them using root certificate, still have no luck.
> (3 chain, SIGNEDCERT, INTERMEDIATE, ROOTCERT).
>
> Any comments will be appreciated :)
> Thanks
>
More information about the Freeipa-users
mailing list