[Freeipa-users] Switch certificates from external CA to internal

Jeff Goddard Thu, 12 Jan 2017 06:03:16 -0800

I've had issues with expired certificates. In the course of troubleshooting
I've somehow set the cas to external. Is there a way I can switch back?


[root@id-management-1 conf]# getcert list-cas
CA 'SelfSign':
        is-default: no
        ca-type: INTERNAL:SELF
        next-serial-number: 01
CA 'IPA':
        is-default: no
        ca-type: EXTERNAL
        helper-location: /usr/libexec/certmonger/ipa-server-guard
/usr/libexec/certmonger/ipa-submit
CA 'certmaster':
        is-default: no
        ca-type: EXTERNAL
        helper-location: /usr/libexec/certmonger/certmaster-submit
CA 'dogtag-ipa-renew-agent':
        is-default: no
        ca-type: EXTERNAL
        helper-location: /usr/libexec/certmonger/ipa-server-guard
/usr/libexec/certmonger/dogtag-ipa-renew-agent-submit
CA 'local':
        is-default: no
        ca-type: EXTERNAL
        helper-location: /usr/libexec/certmonger/local-submit
CA 'dogtag-ipa-ca-renew-agent':
        is-default: no
        ca-type: EXTERNAL
        helper-location:
/usr/libexec/certmonger/dogtag-ipa-ca-renew-agent-submit -vv

Thanks,

Jeff

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] Switch certificates from external CA to internal

Reply via email to