[Freeipa-users] Announcing FreeIPA 4.4.2
Coy Hile
coy.hile at coyhile.com
Fri Oct 14 13:29:47 UTC 2016
Will there be builds in a COPR for rhel/cents 7?
Sent via the Samsung GALAXY S® 5, an AT&T 4G LTE smartphone
-------- Original message --------
From: Martin Kosek <mkosek at redhat.com>
Date: 10/14/16 3:58 AM (GMT-05:00)
To: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] Announcing FreeIPA 4.4.2
> On 10/13/2016 09:17 PM, Petr Vobornik wrote:
>> The FreeIPA team would like to announce FreeIPA 4.4.2 release!
>>
>> It can be downloaded from http://www.freeipa.org/page/Downloads. Builds
>> for Fedora 24 will be available in the official COPR repository
>> <https://copr.fedorainfracloud.org/coprs/g/freeipa/freeipa-4-4/>.
>>
>> This announcement is also available on
>> http://www.freeipa.org/page/Releases/4.4.2
>>
>> Fedora 25 update:
>> https://bodhi.fedoraproject.org/updates/freeipa-4.4.2-1.fc25
>
> Please note that the FreeIPA Public demo was also upgraded to the version
> 4.4.2, if you want to try it out!
>
> Demo location: https://ipa.demo1.freeipa.org/ipa/ui/
>
> The selected new features that may be best exhibited in the FreeIPA Web UI:
>
> * Improved Topology Management:
> - IPA Server -> Topology -> Graph
> - https://ipa.demo1.freeipa.org/ipa/ui/#/p/topology-graph
>
> * Added Overview of IPA server roles:
> - IPA Server -> Topology -> Server Roles
> - https://ipa.demo1.freeipa.org/ipa/ui/#/e/server_role/search
> - You can click on a role
>
> - You can also see roles of a server:
> -
> https://ipa.demo1.freeipa.org/ipa/ui/#/e/server/details/ipa.demo1.freeipa.org
>
> * Added DNS Location Mechanism:
> - IPA Server -> Topology -> IPA Locations
> - You can add a location
> - In the location details, you can add the servers to it (you can only test
> UI as changing a location of IPA server requires DNS server restart)
>
> * Added support for Sub-CAs
> - Open Authentication -> Certificate Authorities
> - Add new CA Authority, with subject like "CN=Certificate
> Authority,O=VPN,O=DEMO1.FREEIPA.ORG"
> - Set ACL for authority in "CA ACLs" so that Admin can use this CA
> - Generate new certificate:
> - Open for example a test Service
> - Click Options -> New Certificate
> - Follow the steps (and use the new Sub-CA). I typed these
> options to get
> the CSR:
> - cd /tmp/
> - mkdir test
> - cd test/
> - certutil -N -d .
> - certutil -R -d . -a -g 2048 -s
> 'CN=ipa.demo1.freeipa.org,O=VPN,O=DEMO1.FREEIPA.ORG' -8
> 'ipa.demo1.freeipa.org'
> - Paste the CSR blob to FreeIPA, it should pass
> - It will show that Issuer is "CN = Certificate Authority,O = VPN,O =
> DEMO1.FREEIPA.ORG", i.e. our new Sub-CA
>
> Enjoy!
> Martin
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
More information about the Freeipa-users
mailing list