[Freeipa-devel] [PATCH] Add DRM to IPA

Dmitri Pal dpal at redhat.com
Mon Apr 7 18:51:14 UTC 2014

On 04/04/2014 02:50 PM, Ade Lee wrote:
>      This patch adds the capability of installing a Dogtag DRM
>      to an IPA instance.  With this patch, when ipa-server-install
>      is run, a Dogtag CA and a Dogtag DRM are created.  The DRM
>      shares the same tomcat instance and DS instance as the Dogtag CA.
>      Moreover, the same admin user/agent (and agent cert) can be used
>      for both subsystems.  Certmonger is also confgured to monitor the
>      new subsystem certificates.
>      It is also possible to clone the DRM.  When the IPA instance is
>      cloned, if --enable-ca and --enable-drm are specified, the DRM
>      is cloned as well.
>      Installing a DRM requires the user to have a Dogtag CA instance.
>      We can look into possibly relaxing that requirement in a later patch.
>      I am still working on patches for a ipa-drm-install script, which
>      would be used to add a DRM to an existing master (that includes
>      a dogtag CA), or an existing clone.
>     Please review,
>     Thanks,
>     Ade

Any takers?

> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel

Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140407/38820658/attachment.htm>

More information about the Freeipa-devel mailing list