[Freeipa-devel] [RFE] CA certificate renewal
Dmitri Pal
dpal at redhat.com
Wed Oct 9 13:43:58 UTC 2013
On 10/08/2013 03:56 AM, Jakub Hrozek wrote:
> On Tue, Oct 08, 2013 at 09:21:10AM +0200, Petr Spacek wrote:
>> On 8.10.2013 09:16, Jan Cholasta wrote:
>>> On 8.10.2013 08:37, Petr Spacek wrote:
>>>> On 7.10.2013 20:20, Jan Cholasta wrote:
>>>>>> Automatic renewal of IPA CA certificate.
>>>>>>
>>>>>> certmonger currently has no notification capabilities. How will anyone
>>>>>> know that the renewal has failed unless they happen to run getcert list?
>>>>>> Unfortunately I don't really have an answer. An MTA is looking more and
>>>>>> more necessary.
>>>>> I agree.
>>>> Please, don't invent yet another notification system. Don't try to
>>>> re-invent wheel :-)
>>>>
>>>> There are plenty systems for that, we should just provide hooks for them
>>>> (i.e. ability to run custom script on particular event and provide
>>>> machine-readable output from our tools).
>>>>
>>>> I don't want to repeat all the arguments again, so there is a link:
>>>> https://www.redhat.com/archives/freeipa-devel/2013-September/msg00071.html
>>>> (See the end of the page - the part below all quotations.)
>>>>
>>> OK, I don't care how this is done. Is syslogging with crit or alert severity
>>> good enough?
>> For me - yes, it is. However, it would be great if there will be a
>> 'status check tool' (or parameter) with machine readable output.
> I haven't read the whole discussion deeply so I might not have context,
> but when thinking about logging, I think you should consider journald.
>
> Journald is great at providing machine readable output (journalctl -b -o
> json for instance) as well as having the ability to provide custom
> fields to be queried later.
I would second that.
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-devel
mailing list