[Freeipa-devel] [PATCH] 0086 Add --ca option to cert-status

Jan Cholasta jcholast at redhat.com
Fri Jul 1 06:57:50 UTC 2016 

On 1.7.2016 06:54, Jan Cholasta wrote:
> On 1.7.2016 06:47, Fraser Tweedale wrote:
>> On Fri, Jul 01, 2016 at 05:55:35AM +0200, Jan Cholasta wrote:
>>> On 29.6.2016 12:18, Jan Cholasta wrote:
>>>> On 29.6.2016 10:47, Fraser Tweedale wrote:
>>>>> On Wed, Jun 29, 2016 at 10:04:05AM +0200, Jan Cholasta wrote:
>>>>>> Hi,
>>>>>>
>>>>>> On 29.6.2016 06:11, Fraser Tweedale wrote:
>>>>>>> Dear team,
>>>>>>>
>>>>>>> The attached patch implements the --ca option for the rest of the
>>>>>>> cert-blah commands (https://fedorahosted.org/freeipa/ticket/5999).
>>>>>>
>>>>>> 1) I don't think cert-status should be treated specially. The
>>>>>> operation to
>>>>>> check status of a certificate request is not specific to Dogtag.
>>>>>>
>>>>> I'm happy to add the option, with the caveat that because (of top of
>>>>> head) there is not (yet) a way in Dogtag to distinguish/filter
>>>>> requests by target CA, value may go unused.
>>>>
>>>> IMO that's OK, since it's a safe non-descructive operation.
>>>>
>>>>>
>>>>>>
>>>>>> 2) cert-show is called twice in cert-revoke. Can we call it just
>>>>>> once?
>>>>>>
>>>>> I'll address this in next patchset.
>>>>
>>>> OK.
>>>
>>> ACK on the first version of the patch, since it's better than
>>> nothing. The
>>> ticket remains open, please fix the rest ASAP.
>>>
>>> Added VERSION bump and pushed to master:
>>> ffb1f5b1f24f0de30529d50f8c8dfb9a896c149e
>>>
>>> Honza
>>>
>> New patch 0086 attached, adding the option to cert-status command.
>
> Thanks. We could at least check if the specified CA exists, couldn't we?

To speed things up, I have updated your patch with this, see the attachment.

If the change looks good to you, we can push the patch.

>
>>
>> (2) will be addressed later due to conflicts with other patches (or
>> maybe as part of those other patches).
>
> OK.
>
>>
>> Thanks,
>> Fraser
>>
>
>


-- 
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-ftweedal-0086-jcholast1-Add-cn-option-to-cert-status.patch
Type: text/x-patch
Size: 2816 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160701/81d9c5c8/attachment.bin>

More information about the Freeipa-devel mailing list