Hi, Dne 22.10.2014 v 22:06 Endi Sukma Dewata napsal(a):
A new command has been added to retrieve the vault transport certificate and optionally save it into a file. The vault archive and retrieve command has been modified to retrieve the transport certificate and store it locally for subsequent usage. This way it's no longer necessary to manually import the transport certificate into the client's NSS database.
As part of the CA certificate renewal feature in 4.1, I have added a LDAP certificate store to IPA, see <http://www.freeipa.org/page/V4/CA_certificate_renewal>. Currently it supports only CA certificates, but can be extended to support end entity certificates rather easily. If you use it for the vault transport certificate, it can be added to the client NSS database automatically on install.
Honza -- Jan Cholasta _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
