[Freeipa-users] IP SAN in certificates
Alessandro De Maria
alessandro.demaria at gmail.com
Fri Oct 7 10:34:30 UTC 2016
Hello,
I am running the following command to create a certificate for etcd
ipa-getcert", "request", "-w", "-r", "-f", "/etc/etcd/ssl/server.crt",
"-k", "/etc/etcd/ssl/server.key", "-N", "CN=dock07.prod.zzzzzz", "-D",
"dock07.prod.zzzz", "-A", "10.0.1.67", "-K", "etcd/dock07.prod.zzzz"
ca-error: Server at https://id1.prod.zzzzzz/ipa/xml denied our request,
> giving up: 2100 (RPC failed at server. Insufficient access: Subject alt
> name type IP Address is forbidden).
I believe FreeIPA does not currently support IPs as the SAN of a
certificate.
Is this still the case? is there a workaroud?
Regards
Alessandro
--
Alessandro De Maria
alessandro.demaria at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161007/b3125630/attachment.htm>
More information about the Freeipa-users
mailing list