[Freeipa-devel] [PATCH] Add DRM to IPA

[Ade Lee]

    This patch adds the capability of installing a Dogtag DRM
    to an IPA instance.  With this patch, when ipa-server-install
    is run, a Dogtag CA and a Dogtag DRM are created.  The DRM
    shares the same tomcat instance and DS instance as the Dogtag CA.
    Moreover, the same admin user/agent (and agent cert) can be used
    for both subsystems.  Certmonger is also confgured to monitor the
    new subsystem certificates.
    
    It is also possible to clone the DRM.  When the IPA instance is
    cloned, if --enable-ca and --enable-drm are specified, the DRM
    is cloned as well.
    
    Installing a DRM requires the user to have a Dogtag CA instance.
    We can look into possibly relaxing that requirement in a later patch.
    
    I am still working on patches for a ipa-drm-install script, which
    would be used to add a DRM to an existing master (that includes
    a dogtag CA), or an existing clone.

   Please review,

   Thanks, 
   Ade
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-a-DRM-to-IPA.patch
Type: text/x-patch
Size: 40124 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140404/8d04db1a/attachment.bin>