[Freeipa-users] service cert to a host/member/service
lejeczek
peljasz at yahoo.co.uk
Wed May 4 16:05:08 UTC 2016
hi users,
as one follows official docs and issues a certificate for a
service/host, one wonders what is the correct way to move such a
certificate to a host(which is domain member) ?
I understand certificates issued with:
$ ipa cert-request -add --principal
are stored in ldap backend, (yet I don't quite get the difference
between that tool and ipa-certget).
How do I get such a certificate off the server and to a host-not-
server?
In my case I'm hoping to use this certificate in apache+nss.
I realize I also will need CA certificate on that host, which I got
hold of with certutil operated on /etc/dirsrv/slapd-MY-DOMAIN - if it's
the right way?##SELECTION_END##
many thanks.
L
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160504/45db3d1d/attachment.htm>
More information about the Freeipa-users
mailing list