[Freeipa-devel] [PATCH] 1068 wait for LDAP when renewing the RA
Rob Crittenden
rcritten at redhat.com
Wed Oct 24 19:24:50 UTC 2012
All the certs are pretty critical in certificate renewal but the agent
cert has the distinction of having to be updated in multiple places. It
needs to exist in both LDAP servers.
It is possible that one or both of these servers may be down briefly
during renewal so we need to be a bit more robust in our handling. This
will wait up to 5 minutes per server to try to update things, and syslog
when failures occur.
It is now also safe to re-run this in case something catastrophic
happens. One would just need to manually run this to load the required
data into LDAP.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-1068-renewal.patch
Type: text/x-diff
Size: 5820 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20121024/48a42744/attachment.bin>
More information about the Freeipa-devel
mailing list