Depends on the version you are running, but in the recent version this is really simple: http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
It basically boils down to first install the relevant root certificate, then install the new server certificate with: ipa-server-certinstall -v -w -d -p DMPASSWORD keyfile certificatefile Regards Bjarne Blichfeldt. -----Original Message----- From: Bart [mailto:cuerrv...@gmail.com] Sent: 15. maj 2018 11:44 To: freeipa-users@lists.fedorahosted.org Subject: [Freeipa-users] Changing configuration to use external certificate instead of self signed Hi all, I have an instance of FreeIPA with PKI server and self signed certificate. It runs on one of the two instances of FreeIPA server. Is it possible to rid of it and use external certificate instead? If so, what steps does it take? Or it would require to reinstall everything from scratch? If both approaches are possible (reinstallation and replacing self-signed certificate with external one), which is more complex to apply? Thank you for your help. Bart _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
