[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pki-devel] [PATCH] 690 Added mechanism to import system certs via PKCS #12 file.



Acked by me.  Pushed to master.

On Mon, 2016-02-22 at 23:41 -0600, Endi Sukma Dewata wrote:
> The installation tool has been modified to provide an optional
> pki_server_pkcs12_path property to specify a PKCS #12 file
> containing certificate chain, system certificates, and third-party
> certificates needed by the subsystem being installed.
> 
> If the pki_server_pkcs12_path is specified the installation tool
> will no longer download the certificate chain from the security
> domain directly, and it will no longer import the PKCS #12
> containing the entire master NSS database specified in
> pki_clone_pkcs12_path.
> 
> For backward compatibility, if the pki_server_pkcs12_path is not
> specified the installation tool will use the old mechanism to
> import the system certificates.
> 
> The ConfigurationUtils.verifySystemCertificates() has been modified
> not to catch the exception to help troubleshooting.
> 
> https://fedorahosted.org/pki/ticket/1742
> 
> Documentations:
> * http://pki.fedoraproject.org/wiki/Installing_CA_Clone
> * http://pki.fedoraproject.org/wiki/Installing_Remote_KRA
> * http://pki.fedoraproject.org/wiki/Exporting_System_Certificates
> * http://pki.fedoraproject.org/wiki/PKI_PKCS12_CLI
> 
> _______________________________________________
> Pki-devel mailing list
> Pki-devel redhat com
> https://www.redhat.com/mailman/listinfo/pki-devel


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]