On Fri, Jan 27, 2023 at 03:39:01PM -0000, Leo O via FreeIPA-users wrote:
I'm a bit confused by the time stamps of the messages, is
@Jan's approach working, was the "it isn't that simple..." for me only?
As for now If @Jan is right, I would copy the certificates into the container via
"/tmp" or "/data" and then go into the container and execute only
"ipa-server-certinstall -w -d mysite.key mysite.crt" and restart the container.
That's should be all right, I don't need the other commands?
My reply focused on your question "how would this be done when using
freeipa in a docker/podman container".
Rob focused on your plan of integrating acme.sh / LE to your setup and
implications thereof.
Ideally you'd have your acme.sh / LE setup done and verified and
working on a non-containerized FreeIPA setup (on a host or in a VM)
first, ironing out all the aspects Rob points out, before adding
another layer of complexity of doing the same with the FreeIPA server
running in a container.
--
Jan Pazdziora | Red Hat