[Freeipa-devel] [RFE] CA certificate renewal
Petr Spacek
pspacek at redhat.com
Tue Oct 8 06:37:28 UTC 2013
On 7.10.2013 20:20, Jan Cholasta wrote:
>> Automatic renewal of IPA CA certificate.
>>
>> certmonger currently has no notification capabilities. How will anyone
>> know that the renewal has failed unless they happen to run getcert list?
>> Unfortunately I don't really have an answer. An MTA is looking more and
>> more necessary.
>
> I agree.
Please, don't invent yet another notification system. Don't try to re-invent
wheel :-)
There are plenty systems for that, we should just provide hooks for them (i.e.
ability to run custom script on particular event and provide machine-readable
output from our tools).
I don't want to repeat all the arguments again, so there is a link:
https://www.redhat.com/archives/freeipa-devel/2013-September/msg00071.html
(See the end of the page - the part below all quotations.)
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list