Issue #5317: IPA setup using pre-existing upstream signed CA certs - freeipa

freeipa

#5317 IPA setup using pre-existing upstream signed CA certs

Opened 8 years ago by jamesmasson. Modified 7 years ago

As requested by dkupka - https://www.redhat.com/archives/freeipa-users/2015-September/msg00302.html

We frequently create and destroy IPA managed environments. Currently we use self-signed standalone IPA CAs.

We would like to switch to internally-signed IPA CA certs - which IPA does support. However, the install process is two step, which isn't great for automated use.

Since certmonger is being used for the CSR generation process, it should be possible to use it to submit the CSR to a remote server (Dogtag in my case), and have it handle the certificate request process automatically - no 2 step necessary.

Metadata Update from @jamesmasson:
- Issue assigned to someone
- Issue set to the milestone: Future Releases

7 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

Future Releases

None

affects_doc

None

source

None

knownissue

None

type

enhancement

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#5317 IPA setup using pre-existing upstream signed CA certs Opened 8 years ago by jamesmasson. Modified 7 years ago

Close issue as:

Metadata

#5317 IPA setup using pre-existing upstream signed CA certs

Opened 8 years ago by jamesmasson. Modified 7 years ago