[Freeipa-users] How do I create a certificate to support LDAPS for an IPA cluster

Bob Hinton bob at jackland.demon.co.uk
Tue Aug 30 10:13:43 UTC 2016


We use IPA to authenticate users for other systems, e.g. Rundeck, via
LDAP. We have a CNAME for the cluster of IPA masters and could use this
for authentication, but the connection would then be unencrypted. We
therefore use LDAPS, but this currently forces us to a single server in
the cluster so that Rundeck sees a valid SSL certificate. This means
that the authentication fails if that particular IPA master is down.

Is it possible to create a single SSL certificate that would support an
LDAPS connection to any of the IPA masters and, if so, how is this
done?

Many thanks

Bob Hinton
