Setting up RHCS to work as IdM's external CA
Issue
This article gives an example configuration that allows a Dogtag instance to be used as an external certificate authority (CA) for a FreeIPA installation.
An IdM server can be configured to act as a certificate authority inside the IdM domain. It can then issue signed certificates for its LDAP server, users, hosts, or any other services, and those certificates are trusted within the IdM domain.
Using an external CA instead of the self-signed internal option can be beneficial in a cross-platform environment, or when you need a more specialized and powerful CA solution than the embedded Dogtag that is included in IPA installations.
Environment
- RHEL 7-8: ipa.dogtag.local - IPA server
- RHEL 7: ca.dogtag.local - RHCS server