-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Rechner Fox edited this page Oct 10, 2020
·
5 revisions
Welcome to the doorman wiki!
# Get a kerberos ticket
kinit
# Forcibly enroll the fanvil to provision its kerberos TGT (GUI)
# Create a Kerberos service principle
ipa service-add fanvil/fanvil.voip.pawprint.space
# Add the host you're on as a manager for that principle:
ipa service-add-host --hosts=`hostname` fanvil/fanvil.voip.pawprint.space
# Request a certificate
mkdir /etc/pki/clients/
sudo ipa-getcert request \
-K fanvil.voip.pawprint.space \
-k /etc/pki/clients/fanvil.key \
-f /etc/pki/clients/fanvil.crt \
-I fanvil-device
# List the keys being monitored and make sure it's not stuck
sudo ipa-getcert list
# Make a bundled PEM:
cd /etc/pki/clients
openssl rsa -in fanvil.key -text > fanvil.pem
cat fanvil.crt fanvil.key > https.pem
# NB: The Fanvil requires the uploaded file to be named 'https.pem'