[Freeipa-devel] [freeipa PR#694][opened] RFC: implement local PKINIT deployment in server/replica install
martbab
freeipa-github-notification at redhat.com
Wed Apr 5 15:22:47 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/694
Author: martbab
Title: #694: RFC: implement local PKINIT deployment in server/replica install
Action: opened
PR body:
"""
This PR implements a basic local PKINIT functionality for server install with
'--no-pkinit' specified, and replica install against older masters or with
'--no-pkinit'.
These patches unblock WebUI logins/password auths on masters/replicas in the
cases proper PKINIT was not configured for whatever reasons.
Nevertheless, there are following things lacking in this PR that I will either
push on top of this one or create a new PR:
-[ ] removal of anonymous keytab, asi it is now useless (and always was)
-[ ] upgrade and transitions between PKINIT configurations
-[ ] reporting PKINIT state in LDAP
-[ ] API for querying the PKINIT status on all masters
http://www.freeipa.org/page/V4/Kerberos_PKINIT
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/694/head:pr694
git checkout pr694
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pr-694.patch
Type: text/x-diff
Size: 26869 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20170405/1e918473/attachment.bin>
More information about the Freeipa-devel
mailing list