I had missunderstood you im this case. No you don't need to create second CA. But you must generate cert for DS on AD CA. Then you need to import this cert with AD CA cert on DS
Greg. 27 mar 2013 15:41, "alexandre" axel0felix@gmail.com napisał(a):
I'm really impressed by the reactivity of this list !!!
Sorry my understanding is not perfect because i'm french, so I don't have any CA in my DS, I have one CA (installed on my domain controller).
Do I need to install a CA in my DS ? (when I write CA for me it means a Authority).
Alex
2013/3/27 Grzegorz Dwornicki gd1100@gmail.com
If you have diferent CA in AD vs DS then you need to do this import.
AD by default don't use LDAPS or STARTSSL soo you need to install ms cert CA stuff.
Greg. 27 mar 2013 15:07, "alexandre" axel0felix@gmail.com napisał(a):
Hello,
I try to follow this procedure :
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/8.2/...
Everything works fine, except I don't understand right this line:
"Import the CA certificate from Directory Server into Active Directory. Click *Trusted Root CA*, then *Import*, and browse for the Directory Server CA certificate."
For me CA certificate, it's a certificate from the Authority, so in my Active Directory the certificate from the authority is already know in the Trusted Root CA.
So, do I need to import 389DS server certificate in my active directory ?
And finally, there is no indication to do that, someone can help me to pass through ?
Thanks in advance.
Best regards, Alex
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users