Jump To Close

Expand all Collapse all

Settings Close

• Language: 한국어 日本語 简体中文 English
• Format: Multi-page Single-page PDF

Language and Page Formatting Options

• Language: 한국어 日本語 简体中文 English
• Format: Multi-page Single-page PDF

Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

26.4. Changing the Certificate Chain

You can modify the certificate chain by renewing the CA certificate using the ipa-cacert-manage renew.

Self-signed CA certificate → externally-signed CA certificate

Add the --external-ca option to ipa-cacert-manage renew. This renews the self-signed CA certificate as an externally-signed CA certificate.

For details on running the command with this option, see Section 26.2.2, “Renewing CA Certificates Manually”.

Externally-signed CA certificate → self-signed CA certificate

Add the --self-signed option to ipa-cacert-manage renew. This renew the externally-signed CA certificate as a self-signed CA certificate.