On Fri, Jun 07, 2013 at 09:23:48AM -0400, Dmitri Pal wrote: > > > > The problem is that if you pass IPA certificates issued by CA2 and > > point it to CA1 at the same time, it does not work (despite having the > > complete trust chain). > > But why would you do so? What would be the reason and business case? Why > not to point to CA2?
Could the business case be an IPA server in DMZ which does not have access to CA2 but it can get to (public) CA1? -- Jan Pazdziora | adelton at #ipa*, #brno Principal Software Engineer, Identity Management Engineering, Red Hat _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
