Chapter 31. Adding the IdM CA service to an IdM server in a deployment with a CA
If your Identity Management (IdM) environment already has the IdM certificate authority (CA) service installed but a particular IdM server, idmserver, was installed as an IdM replica without a CA, you can add the CA service to idmserver by using the ipa-ca-install
command.
This procedure is identical for both the following scenarios:
- The IdM CA is a root CA.
- The IdM CA is subordinate to an external, root CA.
Prerequisites
-
You have
root
permissions on idmserver. - The IdM server is installed on idmserver.
- Your IdM deployment has a CA installed on another IdM server.
-
You know the IdM
Directory Manager
password.
Procedure
On idmserver, install the IdM Certificate Server CA:
[root@idmserver ~] ipa-ca-install