[Freeipa-devel] [PATCHES] 172-196 Refactor certificate renewal code
Petr Viktorin
pviktori at redhat.com
Tue Mar 25 15:07:14 UTC 2014
On 03/25/2014 03:05 PM, Jan Cholasta wrote:
> On 21.3.2014 09:46, Petr Viktorin wrote:
>> On 03/19/2014 02:33 PM, Jan Cholasta wrote:
[...]
>>>
>>> Updated patches attached.
>>>
>>> Note that I changed the path for CSR export to /var/lib/ipa/ca.csr to
>>> make it more SELinux-friendly (not in the policy yet, see
>>> <https://bugzilla.redhat.com/show_bug.cgi?id=1077689>).
>>>
>
> Updated patches attached.
>
> Note I have also updated the CA master in LDAP code.
>
Looks better!
In patch 190, AFAICS the original CAInstance.is_master is now not used
anywhere, and its uses were always renewal-related. Is it safe to remove it?
--
Petr³
More information about the Freeipa-devel
mailing list