Not an expert on this anymore, but this may help.
http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP Also, what do you want to accomplish? It assumes a CA is available, for some of its tasks. Why are you trying to use real certs? Just for actual http servers or something? For puppet etc? Sent from my iPad On Nov 9, 2014, at 4:36 PM, Morgan Blackthorne <[email protected]> wrote: So I've looked at freeipa, and I can't seem to find much into on how to do things like use a real SSL cert with it. I can't decide if this is the right tool for the job and I need to spend more time on it, or if it's quirks are just a rabbit hole. I've looked more at the samba solution since that's what Amazon was using, and that looks interesting. One thing I'm unclear on is how non Windows nodes would auth. Does Samba implement an ldap server, or do I need to configure it to tie into openldap? And Edward, laptops are out of scope for what I'm asking. My laptop belongs to the day job and I'm the only employee of this org at this time. On Nov 3, 2014 4:01 AM, "Edward Ned Harvey (lopser)" <[email protected]> wrote: > > From: Matthew Barr [mailto:[email protected]] > > > > I'm not sure my other post on this went through, but the FreeIPA > > project might be just what you are looking for. Decent GUI, cli for > > everything, leap + Kerberos and it works nicely with SSSD... > > Are you saying that it does basically everything you want? Not terribly > difficult to set up, not terribly difficult to perform regular admin tasks, > securely authenticates users on multiple devices, caches and allows for > offline usage of laptops etc? > _______________________________________________ > Discuss mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ >
_______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
