[Freeipa-devel] [RFE] CA certificate renewal
Petr Spacek
pspacek at redhat.com
Tue Oct 8 07:21:10 UTC 2013
On 8.10.2013 09:16, Jan Cholasta wrote:
> On 8.10.2013 08:37, Petr Spacek wrote:
>> On 7.10.2013 20:20, Jan Cholasta wrote:
>>>> Automatic renewal of IPA CA certificate.
>>>>
>>>> certmonger currently has no notification capabilities. How will anyone
>>>> know that the renewal has failed unless they happen to run getcert list?
>>>> Unfortunately I don't really have an answer. An MTA is looking more and
>>>> more necessary.
>>>
>>> I agree.
>>
>> Please, don't invent yet another notification system. Don't try to
>> re-invent wheel :-)
>>
>> There are plenty systems for that, we should just provide hooks for them
>> (i.e. ability to run custom script on particular event and provide
>> machine-readable output from our tools).
>>
>> I don't want to repeat all the arguments again, so there is a link:
>> https://www.redhat.com/archives/freeipa-devel/2013-September/msg00071.html
>> (See the end of the page - the part below all quotations.)
>>
>
> OK, I don't care how this is done. Is syslogging with crit or alert severity
> good enough?
For me - yes, it is. However, it would be great if there will be a 'status
check tool' (or parameter) with machine readable output.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list