Now that Mozilla and other browsers will not Trust a certificate with a validity length
longer than a year, FreeIPA should change the default length to match. Currently IPA
issues 2 year certificates, which make all the browsers view them as Un-Trusted. This
defeats the purpose of cert issuance.
Show replies by date