On 7/25/19 3:11 PM, Saurabh Garg via FreeIPA-users wrote:
Thanks Florence for the response.
As the CSR (that was submitted to an external CA for signing) was generated by IDM server
using the command - "ipa-cacert-manage renew --external-ca", private key
required for running "ipa-server-certinstall" should be provided by IDM
Could you please help me to get hold of the private key used by IDM while generating the
CSR
Hi,
you cannot use ipa-cacert-manage renew --external-ca to produce a CSR
for the apache server. This command would craft the CSR with extensions
adapted for a CA cert, not for a server cert.
Please see [1] Replacing the Web Server's and LDAP server's certificate,
it shows how to create a new CSR.
flo
[1]
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/...
Thanks,
Saurabh Garg
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...