hi, if during the enrollment of a host a host certificate is created, then this will be a nssdb type certificate.
However, lots of applications use file certificates and we can very easily create one of those (even using configuration management tools): /usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname --fqdn`.crt -k /etc/pki/tls/private/`hostname --fqdn`.key getcert list will see both, but in the ipa web interface in the host information only the last one will be shown. Is this a problem? -- Groeten, natxo -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
