[Freeipa-devel] [PATCH/0028] Make selfsign CA creation an independent step
Jakub Hrozek
jhrozek at redhat.com
Fri Dec 10 13:49:36 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/09/2010 12:52 AM, Simo Sorce wrote:
>
> When we are creating a selfsign file based CA, do it at the same time
> we would do the dogtag CA creation instead of doing it within the
> dsinstance.
>
> Also move around or changes some other related minor details to clean-up
> a bit the code.
>
> Automatically publishes the CA cert to /etc/ipa/ca.crt, this fixes #544
> as now the code gets the cert from there and the cert is put there at
> CA creation time before any instance has been invoked.
>
> Simo.
>
>
Looks good to me and seems to work OK.
Ack although I believe patches 25,26 need to be pushed first.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk0CL/AACgkQHsardTLnvCWpLgCgvBjIpPZKgRnsYJdrSwnRiQ0/
SRkAoNE7HWdU7Qz6TKkhUs/SSzOzcqCJ
=YUcs
-----END PGP SIGNATURE-----
More information about the Freeipa-devel
mailing list