https://frasertweedale.github.io/blog-redhat/posts/2019-10-24-removing-ip...
I'm going to try this scheme instead of CA
Httpd. pem ladp. Pem ladp. Pem httpd.pem ladp.I hope I can get some guidance. Thank you
1:Generate ca-key ca-cert
#openssl req -new -x509 -keyout ca-key -out ca-cert -days 365
2: Generate certificate signing request:
#openssl req -new -key ca-key -out csr.csr
3:Generate pem
openssl req -x509 -days 365 -key ca-key -in csr.csr -out http.pem
openssl req -x509 -days 365 -key ca-key -in csr.csr -out ldap.pem
4:install freeipa
root@migration-ipa-65:~/test_ca# ipa-cacert-manage install ca-cert
Installing CA certificate, please wait
CA certificate successfully installed
5:install http.pem
root@migration-ipa-65:~/test_ca# ipa-server-certinstall \
--dirman-pass xxx \
--http /root/test_ca/http.pem --pin xxx
No server certificates found in
/root/test_ca/http.pem
The ipa-server-certinstall command failed.