[Freeipa-users] Re: use FreeIPA/certmonger to manage and generate TLS certificates for vHosts

On la, 25 helmi 2023, Carlos Mogas da Silva via FreeIPA-users wrote: > Thanks for the pointer Alexander. I actually did search the list, but searched for "vhost" :P > > Anyway, I did as in the thread you mentioned, the only difference being that I used ipa-getcert and used the HOST key > instead of the HTTP key for the principal name, but certmonger can't seem to find the "webapp1" ? > > ca-error: Server at https://ipa01.int.example.com/ipa/json failed request, will retry: 4001 (The service principal for > subject alt name webapp1.int.example.com in certificate request does not exist). > > both HTTP/webapp1.int.example.com and HOST/host1.int.example.com exist and the host object itself for both also exist. > > I feel like I'm missing something obvious... Please show exact sequence of what you did.