[Freeipa-devel] [PATCH] 401 fix ipa-server-certinstall
This command was broken because the api needed to be bootstrapped. I also switched to a new function in certs that makes it easier to trust all CAs found in a PKCS#12 file. rob freeipa-401-cert.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 402 location of root CA
Make CA PKCS#12 location arg for ipa-replica-prepare, default /root/cacert.p12 pki-silent puts a copy of the root CA into /root/tmp-ca.p12. Rename this to /root/cacert.p12. rob freeipa-402-rootca.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 403 correct installation CA output
Better customize the message regarding the CA based on the install options. There are now 3 cases: - Install a dogtag CA and issue server certs using that - Install a selfsign CA and issue server certs using that - Install using either dogtag or selfsign and use the provided PKCS#12 files for the server certs. The installed CA will still be used by the cert plugin to issue any server certs. rob freeipa-403-install.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel