[Freeipa-devel] [freeipa PR#50] Add cert checks in ipa-server-certinstall (opened)
flo-renaud
freeipa-github-notification at redhat.com
Fri Sep 2 08:32:05 UTC 2016
flo-renaud's pull request #50: "Add cert checks in ipa-server-certinstall" was opened
PR body:
"""
When ipa-server-certinstall is called to install a new server certificate,
the prerequisite is that the certificate issuer must be already known by IPA.
This fix adds new checks to make sure that the tool exits before
modifying the target NSS database if it is not the case.
The fix consists in creating a temp NSS database with the CA certs from the
target NSS database + the new server cert and checking the new server cert
validity.
https://fedorahosted.org/freeipa/ticket/6263
"""
See the full pull-request at https://github.com/freeipa/freeipa/pull/50
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/50/head:pr50
git checkout pr50
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pr-50.patch
Type: text/x-diff
Size: 5522 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160902/0775b243/attachment.bin>
More information about the Freeipa-devel
mailing list