I've tinkered with FreeIPA a while ago when I was investigating various ways to
control WiFi access but have not been very active lately with it.
I have a new topic that popped up where I need to create user certificates for access to a
specific web site hosted behind an Nginx Reverse Proxy.
I have manually created a (forgive my incorrect terms) ca cert and pointed nginx to it and
then I created user certs for each user that needs to be granted access. This was done
manually using openssh in the pilot phase.
Would FreeIPA be able to do this at scale? I see some chatter about FreeIPA 4.x
introducing user certs, but that chatter hasn't specifically covered how to get the
master ca cert linked to nginx/apache.
The noob question might be useful for someone doing similar research. I am not mission
critical in this investigation, just trying to minimize my manual management of user
certs.
Thanks,
Henery Hawk