[Freeipa-users] [PATCH] 512 track server certs with certmonger

Rob Crittenden rcritten at redhat.com
Fri Aug 13 20:03:55 UTC 2010


Have certmonger track the initial Apache and 389-ds server certs.

We don't use certmonger to get certificates during installation because
of the chicken-and-egg problem. This means that the IPA web and LDAP
certs aren't being tracked for renewal.

This requires some manual changes to the certmonger request files once
tracking has begun because it doesn't store a subject or principal template
when a cert is added via start-tracking.

This also required some changes to the cert command plugin to allow a
host to execute calls against its own service certs.

ticket 67
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-512-cert.patch
Type: application/mbox
Size: 20565 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20100813/89180155/attachment.mbox>

