- Posted In
- Red Hat Identity Management
There is various documentation and steps in the Red Hat Identity Guide and other places on setting up PIV auth but little that has a step-wise approach to using DOD CAC pre-existing and IdM (FreeIPA).
(1) Associate certs from CAC with IdM user - DONE
(2) Update authconfig and sssd.conf on client - DONE
(3) Inserting CAC and entering PIN - FAILS
(4) Using certutil from cmdline with PIN - WORKS
There is mention in various places about adding the root CA (DOD CA-44 in this case) on the clients, but little about if it's required and a simple clear 1-2-3 approach to CAC + IdM for NAPS customers.
Would be really nice to have this or a reply, customer ticket open already.