Skip to content

Instantly share code, notes, and snippets.

@dgibbs64

dgibbs64/gist:0e7a64b444de4159133adb2dc4a412f8

Created November 14, 2025 12:55
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save dgibbs64/0e7a64b444de4159133adb2dc4a412f8 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save dgibbs64/0e7a64b444de4159133adb2dc4a412f8 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
ipa host-add server-1.example.com
ipa service-add HTTP/server-1.example.com
ipa-getkeytab -s ipa.example.com \
-p HTTP/server-1.example.com \
-k /etc/http.keytab
sudo systemctl enable --now certmonger
ipa-getcert request \
-f /etc/pki/tls/certs/nginx.pem \
-k /etc/pki/tls/private/nginx.key \
-K HTTP/[email protected] \
-D server-1.example.com \
-D software.example.com
getcert list
server {
listen 443 ssl;
server_name server-1.example.com software.example.com;
ssl_certificate /etc/pki/tls/certs/nginx.pem;
ssl_certificate_key /etc/pki/tls/private/nginx.key;
location / {
proxy_pass http://backend;
}
}
systemctl reload nginx
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment