Hi all, Creating the SSL certs/keys for for example Apache can easily be done by using the FreeIPA Dogtag CA-server. With some effort, I put it in an Ansible playbook which will install Apache and certficates "on demand".
Sometimes a server needs to be re-installed ("cattle-servers"); why
bother about backup/restore when a server can be redeployed within
minutes. However, a new certificate needs to created; it seems since I
cannot (re)download the private key once created.
Now: is it just impossible to (re) download the private ssl key later
on for re-use?
If not possible: FreeIPA vault (KRA) seems a proper way to store
private key. Correct?
Thanks!
Winfried
signature.asc
Description: This is a digitally signed message part
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
