Hi all, Creating the SSL certs/keys for for example Apache can easily be done by using the FreeIPA Dogtag CA-server. With some effort, I put it in an Ansible playbook which will install Apache and certficates "on demand".
Sometimes a server needs to be re-installed ("cattle-servers"); why bother about backup/restore when a server can be redeployed within minutes. However, a new certificate needs to created; it seems since I cannot (re)download the private key once created. Now: is it just impossible to (re) download the private ssl key later on for re-use? If not possible: FreeIPA vault (KRA) seems a proper way to store private key. Correct? Thanks! Winfried
signature.asc
Description: This is a digitally signed message part
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org