Nick Phillips's questions -server

Nick Phillips

Asked: 2014-11-21 13:58:29 +0800 CST

Can OpenDirectory on OS X reasonably be configured to use an intermediate CA cert from an existing CA?

We're trying to set up OpenDirectory. It seems to want to create its own CA, and then an intermediate CA with a certificate signed by its own CA. I'd prefer to generate an intermediate CA certificate from our existing internal CA and have it use that instead. This would have several benefits (existing CA cert is already distributed to machines, so no need to click to trust new certs when joining client to OD, for starters).

However, I can't find any config for this certificate, nor any reference to any other way of doing it.

Is this a reasonable thing to try to do, and if so how do I do it?

Can OpenDirectory on OS X reasonably be configured to use an intermediate CA cert from an existing CA?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?