[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Pki-devel] [PATCH] Note on overriding pki_client_dir when using an HSM



Please review the following man page patch:

An ACK of this man page note will not close this ticket, it will merely provide a note to the users regarding this issue until the time that the actual problem can be fixed.

From 401a156bb2fa21ffb5948633d97df5498f028fb0 Mon Sep 17 00:00:00 2001
From: Matthew Harmsen <mharmsen redhat com>
Date: Mon, 6 Jul 2015 13:08:57 -0600
Subject: [PATCH] Note on overriding pki_client_dir when using an HSM

- PKI TRAC Ticket #1425 - pkispawn CA with HSM - if the config file has
  pki_client related params the dir is not created and the admin cert p12 file
  is stored nowhere
---
 base/server/man/man5/pki_default.cfg.5 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/base/server/man/man5/pki_default.cfg.5 b/base/server/man/man5/pki_default.cfg.5
index f3db6a8..ed85aaf 100644
--- a/base/server/man/man5/pki_default.cfg.5
+++ b/base/server/man/man5/pki_default.cfg.5
@@ -152,6 +152,9 @@ Set to True to back up the subsystem certificates and keys to a PKCS #12 file.
 .B pki_client_dir
 .IP
 This is the location where all client data used during the installation is stored.  At the end of the invocation of \fBpkispawn\fP, the administrative user's certificate and keys are stored in a PKCS #12 file in this location.
+.IP
+\fBNote:\fP
+When using an HSM, specifying a value for \fBpki_client_dir\fP that is different than the default may result in the specified directory not being created, and the PKCS #12 file containing the admin certificate specified in \fBpki_client_admin_cert_p12\fP to not be stored anywhere.
 .TP
 .B pki_client_database_dir,  pki_client_database_password
 .IP
-- 
1.8.3.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]