On 19/07/17 20:06, Rob Crittenden via FreeIPA-users wrote:
lejeczek via FreeIPA-users wrote:
hello fallas

those certs I see with:
$ ipa cert-find
is it possible to get private key(s) for a given cert? With means of
(any)command line?
Not from the CA, no.

The CA doesn't store the private keys for the certificates it issues and
never sees them at all.

You need access to the filesystem containing the private keys to be able
to retrieve/extract them.

rob
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
so these are replicas/host certs created during replica/host add that I'm looking at - where IPA stores those private keys? Would there be any howto on how to get cert+keys pair in standard pem out of IPA to use outside of IPA?

many thanks
L.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to