I was looking at the certificates in UCS. Got certificates for “IP managed clients” as intended, they are auto generated on object creation and stored in /etc/univention/ssl/.
I also have a couple of Windows machines which are domain joined. They provide some functionality which would greatly benefit from having a trusted (domain) certificate. Those certificates have not been created, so my questions are:
- Am I missing something, and the certs are hiding in a different location?
- Do I simply generate any cert with univention-certificate? If so what are the parameters that can be used with that command; I think I spotted something like non-standard cert expiry time while searching the forum but can’t find it again now.