<html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> consider it a conditional ACK if all agreed upon and done. thanks, Christina <div class="moz-cite-prefix">On 07/17/2015 05:37 PM, Christina Fu wrote: </div> <blockquote cite="mid:55A99FB7.5060103@redhat.com" type="cite"> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> 1. It might be helpful to explain briefly what each ldap command is doing. For example, for the life of me, I don't know why one needs to run that ldapsearch command before the certutil command 2.Nothing to do with man pages, I am just thinking out loud... I'm a bit concerned that one needs to download and run a script from a user content offering... Does DS not offer it on a more official channel? 3. This comment is regarding the layout of information in this whole section on setting up secure ldap with ca, so it already existed before you changes, but since it has to do with clarity and accuracy, please bear with me. the "Prior to installing the subsystem..." paragraph ends with "...and its self-signed CA certificate exported to a file..." but, the "It should be noted" at end of the section talks about three scenarios, which the above "must" item now become one (#3) of the three scenarios instead. may I suggest that we move the whole "note" part to the very top of this section, and instead of "It should be noted..." you skip the first 5 words and begin with " There are basically three scenarios..." (maybe remove the word "basically") then for scenario one, you give the instruction for it and scenario 3 you give it its instruction Then at the end, mention that since scenario 1 and 3 requires talking ldaps, you need those two extra pkispawn parameters I hope it's not too complicated. thanks, Christina <div class="moz-cite-prefix">On 07/16/2015 05:48 PM, Endi Sukma Dewata wrote: </div> <blockquote cite="mid:55A850F6.6050906@redhat.com" type="cite">The instruction to setup secure LDAP connection in the pkispawn man page has been updated. The sample deployment configuration file has been made more generic. The setup-ds.pl has been removed from the instruction since generating a self-signed certificate requires a DS admin server. The URL to download setupssl2.sh has been changed with a more direct link. The sample LDAP password has been changed to match the current deployment configuration examples. Some paragraphs have been line wrapped to simplify man page development. <fieldset class="mimeAttachmentHeader"></fieldset> <pre wrap="">_______________________________________________ Pki-devel mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Pki-devel@redhat.com">Pki-devel@redhat.com</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/pki-devel">https://www.redhat.com/mailman/listinfo/pki-devel</a></pre> </blockquote> <fieldset class="mimeAttachmentHeader"></fieldset> <pre wrap="">_______________________________________________ Pki-devel mailing list <a class="moz-txt-link-abbreviated" href="mailto:Pki-devel@redhat.com">Pki-devel@redhat.com</a> <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/pki-devel">https://www.redhat.com/mailman/listinfo/pki-devel</a></pre> </blockquote> </body> </html>