[Freeipa-devel] [freeipa PR#177][comment] Add options to write lightweight CA cert or chain to file
tomaskrizek
freeipa-github-notification at redhat.com
Thu Nov 24 16:35:45 UTC 2016
URL: https://github.com/freeipa/freeipa/pull/177
Title: #177: Add options to write lightweight CA cert or chain to file
tomaskrizek commented:
"""
Please update the xmlrpc tests to reflect the extra certificate attributes (~12 failed tests in `test_xmlrpc/test_ca_plugin.py`, `test_caacl_plugin.py` and `test_caacl_profile_enforcement.py`).
There are also a couple tests failing with ACIError:
ACIError: Insufficient access: Principal 'srv/santest-host-1...' is not permitted to use CA 'default-profile-subca' with profile 'caIPAserviceCert' for certificate issuance.
I also found the `--certificate-out` option a bit confusing. At first I thought I should provide the certificate name to be exported. Perhaps the help text could be improved to make it clear the used should provide a file name?
"""
See the full comment at https://github.com/freeipa/freeipa/pull/177#issuecomment-262813919
More information about the Freeipa-devel
mailing list