[Freeipa-devel] [freeipa PR#584][comment] Improve the implementation of PKINIT certificate retrieval
MartinBasti
freeipa-github-notification at redhat.com
Wed Mar 15 15:40:29 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/584
Title: #584: Improve the implementation of PKINIT certificate retrieval
MartinBasti commented:
"""
master:
* 95768de06fbef78169329af12b29e4d65e4bf157 Make PKINIT certificate request logic consistent with other installers
* b5b23e073e59930e4dcf14ea8031c2c0441e6344 Request PKINIT cert directly from Dogtag API on first master
* bd18b5f91e3f98fa877def245c54c1cd33bd372e Move PKINIT configuration to a later stage of server/replica install
* 069948466e81d99a0dd48ffffa32af50351d0189 Make wait_for_entry raise exceptions
* 8f4abf7bc1607fc44f528b8a443b69cb82269e69 check that the master requesting PKINIT cert has KDC enabled
* b45629fc480e61464b402ac2fc52c6f9fc61df0e check for replica's KDC entry on master before requesting PKINIT cert
* a1686a90c0cc8c16c89ef1bada7f507729bf3252 Try out anonymous PKINIT after it is configured
"""
See the full comment at https://github.com/freeipa/freeipa/pull/584#issuecomment-286782263
More information about the Freeipa-devel
mailing list