[Pki-devel] [PATCH] 633 Updated man page for configuring secure LDAP connection.
Christina Fu
cfu at redhat.com
Sat Jul 18 01:04:02 UTC 2015
consider it a conditional ACK if all agreed upon and done.
thanks,
Christina
On 07/17/2015 05:37 PM, Christina Fu wrote:
> 1. It might be helpful to explain briefly what each ldap command is
> doing. For example, for the life of me, I don't know why one needs to
> run that ldapsearch command before the certutil command
>
> 2.Nothing to do with man pages, I am just thinking out loud... I'm a
> bit concerned that one needs to download and run a script from a user
> content offering... Does DS not offer it on a more official channel?
>
> 3. This comment is regarding the layout of information in this whole
> section on setting up secure ldap with ca, so it already existed
> before you changes, but since it has to do with clarity and accuracy,
> please bear with me.
> the "Prior to installing the subsystem..." paragraph ends with
> "...and its self-signed CA certificate exported to a file..."
> *but*, the "It should be noted" at end of the section talks about
> three scenarios, which the above "must" item now become one (#3) of
> the three scenarios instead.
> may I suggest that we move the whole "note" part to the very top of
> this section, and instead of "It should be noted..." you skip the
> first 5 words and begin with
> " There are basically three scenarios..." (maybe remove the word
> "basically")
> then for scenario one, you give the instruction for it
> and scenario 3 you give it its instruction
>
> Then at the end, mention that since scenario 1 and 3 requires talking
> ldaps, you need those two extra pkispawn parameters
>
> I hope it's not too complicated.
>
> thanks,
> Christina
>
> On 07/16/2015 05:48 PM, Endi Sukma Dewata wrote:
>> The instruction to setup secure LDAP connection in the pkispawn
>> man page has been updated. The sample deployment configuration
>> file has been made more generic. The setup-ds.pl has been removed
>> from the instruction since generating a self-signed certificate
>> requires a DS admin server. The URL to download setupssl2.sh has
>> been changed with a more direct link. The sample LDAP password
>> has been changed to match the current deployment configuration
>> examples. Some paragraphs have been line wrapped to simplify man
>> page development.
>>
>>
>>
>> _______________________________________________
>> Pki-devel mailing list
>> Pki-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-devel
>
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20150717/aed43bfb/attachment.htm>
More information about the Pki-devel
mailing list