67.2.
# openssl x509 -in <filename>.der -inform DER -out <filename>.pem -outform PEM
# openssl x509 -noout -text -in root-ca.pem | more
$ cd ~/MyPlaybooks/
$ mkdir SmartCard/
# cp /tmp/root-ca.pem ~/MyPlaybooks/SmartCard/
# cp /tmp/intermediate-ca.pem ~/MyPlaybooks/SmartCard/
# cp /etc/ipa/ca.crt ~/MyPlaybooks/SmartCard/ipa-ca.crt
[ipaserver]
ipaserver.idm.example.com

[ipareplicas]
ipareplica1.idm.example.com
ipareplica2.idm.example.com

[ipacluster:children]
ipaserver
ipareplicas

[ipacluster:vars]
ipaadmin_password= "{{ ipaadmin_password }}"
ipasmartcard_server_ca_certs=/home/<user_name>/MyPlaybooks/SmartCard/root-ca.pem,/home/<user_name>/MyPlaybooks/SmartCard/intermediate-ca.pem,/home/<user_name>/MyPlaybooks/SmartCard/ipa-ca.crt
---
- name: Playbook to set up smart card authentication for an IdM server
  hosts: ipaserver
  become: true

  roles:
  - role: ipasmartcard_server
    state: present
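(Note: password_file holds the Ansible Vault password in clear text; keep it readable only by the user who runs the playbook and out of version control.)
$ ansible-playbook --vault-password-file=password_file -v -i inventory install-smartcard-server.yml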
ssh root@ipaserver.idm.example.com
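(Note: "SSLOCSPEnable off" turns off OCSP revocation checking of client certificates in Apache, so a revoked smart card certificate would still be accepted. Set it only when the issuing CA provides no reachable OCSP responder.)
SSLOCSPEnable off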
# systemctl restart httpd
警告
注記
---
- name: Playbook to setup smartcard for IPA server and replicas
  hosts: ipacluster
[...]