I found this but I think it's just IPA certs? http://www.freeipa.org/page/V4/CA_certificate_renewal
Basically I want to use my existing wildcard cert for https and ldaps... I did this on my 3.3 install on CentOS but now I'm on a 4 install on Fedora Core. Any help would be more than appreciated! Thanks! On Mon, Aug 25, 2014 at 6:24 AM, Chris Whittle <cwhi...@gmail.com> wrote: > I have 4 installed and I get it when I try to generate the pk12 > On Aug 25, 2014 3:50 AM, "Jan Cholasta" <jchol...@redhat.com> wrote: > >> Hi, >> >> Dne 25.8.2014 v 03:04 Chris Whittle napsal(a): >> >>> Trying to do this >>> http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP >>> >>> And I keep getting "Error unable to get local issuer certificate getting >>> chain." >>> >> >> Where are you getting this error? ipa-server-certinstall, or httpd, or >> somewhere else? >> >> What version of ipa do you have installed? >> >> >>> I'm wondering if it's because of this from the doc >>> "The certificate in mysite.crt must be signed by the CA used when >>> installing FreeIPA." >>> but it might not either... >>> >> >> In this case you should get a "file.p12 is not signed by /etc/ipa/ca.crt, >> or the full certificate chain is not present in the PKCS#12 file" error in >> ipa-server-certinstall. >> >> >>> Any ideas? >>> >>> >>> >> Honza >> >> -- >> Jan Cholasta >> >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project