[Freeipa-devel] [PATCH] 0081 Add --ca option to cert-revoke and cert-remove-hold
Jan Cholasta
jcholast at redhat.com
Wed Jun 29 10:18:37 UTC 2016
On 29.6.2016 10:47, Fraser Tweedale wrote:
> On Wed, Jun 29, 2016 at 10:04:05AM +0200, Jan Cholasta wrote:
>> Hi,
>>
>> On 29.6.2016 06:11, Fraser Tweedale wrote:
>>> Dear team,
>>>
>>> The attached patch implements the --ca option for the rest of the
>>> cert-blah commands (https://fedorahosted.org/freeipa/ticket/5999).
>>
>> 1) I don't think cert-status should be treated specially. The operation to
>> check status of a certificate request is not specific to Dogtag.
>>
> I'm happy to add the option, with the caveat that because (of top of
> head) there is not (yet) a way in Dogtag to distinguish/filter
> requests by target CA, value may go unused.
IMO that's OK, since it's a safe non-descructive operation.
>
>>
>> 2) cert-show is called twice in cert-revoke. Can we call it just once?
>>
> I'll address this in next patchset.
OK.
>
> Thanks for reviewing!
> Fraser
>
--
Jan Cholasta
More information about the Freeipa-devel
mailing list