[Freeipa-users] CA-less vs CA-ful FreeIPA 4.2 installation
Peter Pakos
peter at pakos.pl
Fri Jan 15 16:17:35 UTC 2016
Hi,
We've been testing FreeIPA system for a while now and we're getting
closer to moving it into production.
I'm considering both CA-less and CA-ful installation types. I hope you
guys can help me make my mind and choose the right decision.
What are the pros and cons of each install type?
What exactly are we loosing if we choose CA-less install?
One of our requirements is to have a 3rd party HTTP and LDAP
certificates installed - which install path would be more suitable?
I'm also thinking ahead, when it comes to renewing certificates when
they expire in 1 year time, which install type would cause less problems?
I've failed to find any useful info covering the above points, so if you
know anything, please just let me know.
I would appreciate your input.
Thanks in advance.
--
Kind regards,
Peter Pakos
More information about the Freeipa-users
mailing list