FreeIPA Provision Certificate
I tend to not remember the details of how to deploy FreeIPA managed certificates, so here are some personal notes…
Log in principal
kinit admin
Provision certificate
export h=$(hostname -s); export d=$(hostname -d); \
ipa service-add HTTP/${h}.${d}; \
ipa service-add-host --hosts=master.freeipa.${d} HTTP/${h}.${d}; \
ipa-getcert request -w -f /etc/pki/tls/certs/${h}.crt -k /etc/pki/tls/private/${h}.key -D ${h}.${d} -K HTTP/${h}.${d} -g 4096
Read other posts