Setting up RHCS to work as IdM's external CA

Issue

This article gives an example configuration that allows a Dogtag instance to be used as the external certificate authority (CA) for a FreeIPA installation.

An IdM server can be configured to act as a Certificate Authority inside the IdM domain. It can then issue signed certificates for its LDAP server, users, hosts, or any other services, and those certificates are trusted within that IdM domain.

Using an external CA instead of the self-signed internal option can be beneficial in a cross-platform environment, or when you need a more specialized and powerful CA solution than the embedded Dogtag that is included in IPA installations.

Environment

  • RHEL 7-8: ipa.dogtag.local - IPA server
  • RHEL 7: ca.dogtag.local - RHCS server
