On 03/27/2013 09:53 AM, alexandre wrote:
Yes I understand that.
To resume, I have a server-cert and a CA cert in my 389DS. I have a CA
cert in my active directory.
So I need server cert in my AD !?
No. AD only needs the CA cert of the CA that issued the 389DS server cert.
I don't really
Yes I understand that.
To resume, I have a server-cert and a CA cert in my 389DS. I have a CA cert
in my active directory.
So I need server cert in my AD !?
I don't really understand "But you must generate cert for DS on AD CA", if
I did a request by web-enrollment from my 389DS, and install it
Yes and that button allows you to install server cert (again generated in
your case on AD CA) . CA tab allows you to install CA cert.
Greg.
27 mar 2013 16:33, "alexandre" napisaĆ(a):
> Sorry my capture is not on the mail, it's the point 12.2.1. 4.c.Go to
> the *CA Certs* tab, and click *Inst
Sorry my capture is not on the mail, it's the point 12.2.1. 4.c.Go to
the *CA Certs* tab, and click *Install* at the bottom of the window.
On this link:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Windows_Sync-Configuring_Windows_Sync.ht
Thanks for the new Link !
@Rich Megginson"It's not the 389DS server certificate, but the CA
certificate for the CA that issued the 389DS server certificate, that you
need for PassSync"
@Grzegorz Dwornicki "But you must generate cert for DS on AD CA. Then you
need to import this cert with AD
On 03/27/2013 08:46 AM, Grzegorz Dwornicki wrote:
I had missunderstood you im this case. No you don't need to create
second CA. But you must generate cert for DS on AD CA. Then you need
to import this cert with AD CA cert on DS
You don't have to use AD CA to generate the 389DS server cert.
