On 29/05/2019 03.39, チョーチュアン via FreeIPA-users wrote: > Thanks for the feed, and yes, I have the RSA CA working apart from a > negotiation error. Hi,
fantastic, thanks for trying this! I was able to install FreeIPA with NitroKey HSM support last year using an experimental build https://gist.github.com/tiran/af7c21882e1732227455a13c3b8ff380 . HSM integration is super experimental. There are currently several known bugs in Dogtag and FreeIPA related to HSM. A bunch of features don't work either, e.g. Sub CAs and replication. We haven't announced the feature yet because it is barely usable. I'm even puzzled that you were able to complete the installation at all. My last installation attempts completely failed. Christian -- Christian Heimes Principal Software Engineer, Identity Management and Platform Security Red Hat GmbH, http://www.de.redhat.com/, Registered seat: Grasbrunn, Commercial register: Amtsgericht Muenchen, HRB 153243, Managing Directors: Charles Cachera, Michael O'Neill, Tom Savage, Eric Shander
signature.asc
Description: OpenPGP digital signature
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org