On Wed, Jul 1, 2015 at 9:16 PM, Prashant Bapat wrote:
> I had the exact same requirement. Since we're on AWS, I ended up putting a
> ELB in front of each of my IPA servers with a commercial cert for web UI.
> The communication between ELB and the IPA server is using the IPA CA cert.
>
> On 2 July
Since the commercial cert is outside IPA renewing that cert would not
impact IPA at all.
On 2 July 2015 at 11:50, Prasun Gera wrote:
> How smooth is the renewal process ? if the webui cert expires, does it
> affect the core ipa functionality in any way ? Also, when ipa does it's own
> auto-renew
How smooth is the renewal process ? if the webui cert expires, does it
affect the core ipa functionality in any way ? Also, when ipa does it's own
auto-renewal, does it leave the webui alone if set up this way ?
On Wed, Jul 1, 2015 at 9:16 PM, Prashant Bapat wrote:
> I had the exact same require
I had the exact same requirement. Since we're on AWS, I ended up putting a
ELB in front of each of my IPA servers with a commercial cert for web UI.
The communication between ELB and the IPA server is using the IPA CA cert.
On 2 July 2015 at 07:03, Rob Crittenden wrote:
> Stephen Ingram wrote:
>
Stephen Ingram wrote:
I setup IPA using the internal CA. I'd like to continue using this CA,
however, I'd also like to allow authorized external browser users (who
haven't imported our CA) to access the WebUI without receiving a
warning. Is it possible to add a 3rd party certificate and CA such t
I setup IPA using the internal CA. I'd like to continue using this CA,
however, I'd also like to allow authorized external browser users (who
haven't imported our CA) to access the WebUI without receiving a warning.
Is it possible to add a 3rd party certificate and CA such that it is only
used for