[Freeipa-devel] [freeipa PR#526][comment] server install: properly handle PKINIT-related options
abbra
freeipa-github-notification at redhat.com
Wed Mar 1 13:10:07 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/526
Title: #526: server install: properly handle PKINIT-related options
abbra commented:
"""
This PR does not handle upgrade case which is what Local CA considers. We don't need other systems trust the certificate and we don't need to synchronize anything because KDC cert in upgrade case is issued automatically and is used by privilege separation code on the same machine.
"""
See the full comment at https://github.com/freeipa/freeipa/pull/526#issuecomment-283335425
More information about the Freeipa-devel
mailing list