[Freeipa-devel] [PATCH] Add DRM to IPA
Ade Lee
alee at redhat.com
Fri Apr 4 18:50:32 UTC 2014
This patch adds the capability of installing a Dogtag DRM
to an IPA instance. With this patch, when ipa-server-install
is run, a Dogtag CA and a Dogtag DRM are created. The DRM
shares the same tomcat instance and DS instance as the Dogtag CA.
Moreover, the same admin user/agent (and agent cert) can be used
for both subsystems. Certmonger is also confgured to monitor the
new subsystem certificates.
It is also possible to clone the DRM. When the IPA instance is
cloned, if --enable-ca and --enable-drm are specified, the DRM
is cloned as well.
Installing a DRM requires the user to have a Dogtag CA instance.
We can look into possibly relaxing that requirement in a later patch.
I am still working on patches for a ipa-drm-install script, which
would be used to add a DRM to an existing master (that includes
a dogtag CA), or an existing clone.
Please review,
Thanks,
Ade
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-a-DRM-to-IPA.patch
Type: text/x-patch
Size: 40124 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140404/8d04db1a/attachment.bin>
More information about the Freeipa-devel
mailing list