I am trying to script the creation of a bunch of host certificates.
Unlike the web UI, the CLI seems to require two separate steps to do
this. (Please correct me if I'm wrong about this.)
After I generate a key and CSR, I create a certificate with
'ipa cert-request'. I am using host/${HOSTNAME}@${REALM} as the
principal, and I am saving the certificate with the --certificate-out
option.
Now I apparently need to use 'ipa host-add-cert' to add the certificate
to the host, but this requires that the certificate be passed in base64
format on the command line. I'm sure I can figure out how to do this
with some combination of sed, tr, etc., but this seems excessively
painful. Is there really not a way to do this in a single step or feed
a PEM-encoded certificate to 'ipa host-add-cert'?
--
========================================================================
Ian Pilcher arequipeno(a)gmail.com
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================