By default lib389 installer creates a Self-Signed CA and later a temporary server certificate to bootstrap initial installation. FreeIPA does not need the CA as it uses Unix domain sockets and local connections for initial setup.
/etc/dirsrv/ssca exists
/etc/dirsrv/ssca
/etc/dirsrv/ssca should not exist
freeipa-server-4.8.7-1.fc32.x86_64 389-ds-base-1.4.3.10-1.fc32.x86_64
slapd_options.set('self_sign_cert', False) disables creation of SSCA and self-signed cert.
slapd_options.set('self_sign_cert', False)
Metadata Update from @cheimes: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/5111 - Issue set to the milestone: FreeIPA 4.8
master:
Metadata Update from @rcritten: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.