From 2b2c5d6c931660e73cc1c9e75aa3055ab20f386b Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Wed, 10 Apr 2019 09:44:54 +0200 Subject: [PATCH] Add --pki-config-override to man pages Mention the new option in the man pages for CA, KRA, replica, and server installation. The documentation must be improved once we have figured out which options are going to be supported. Fixes: pagure.io/freeipa/issue/5608 Signed-off-by: Christian Heimes Reviewed-By: Fraser Tweedale Reviewed-By: Alexander Bokovoy --- install/tools/man/ipa-ca-install.1 | 3 +++ install/tools/man/ipa-kra-install.1 | 3 +++ install/tools/man/ipa-replica-install.1 | 3 +++ install/tools/man/ipa-server-install.1 | 3 +++ 4 files changed, 12 insertions(+) diff --git a/install/tools/man/ipa-ca-install.1 b/install/tools/man/ipa-ca-install.1 index 5ac7e2b75..3ebe32c0a 100644 --- a/install/tools/man/ipa-ca-install.1 +++ b/install/tools/man/ipa-ca-install.1 @@ -73,6 +73,9 @@ The CA certificate subject DN (default CN=Certificate Authority,O=REALM.NAME). \fB\-\-subject\-base\fR=\fISUBJECT\fR The subject base for certificates issued by IPA (default O=REALM.NAME). RDNs are in LDAP order (most specific RDN first). .TP +\fB\-\-pki\-config\-override\fR=\fIFILE\fR +File containing overrides for CA installation. +.TP \fB\-\-ca\-signing\-algorithm\fR=\fIALGORITHM\fR Signing algorithm of the IPA CA certificate. Possible values are SHA1withRSA, SHA256withRSA, SHA512withRSA. Default value is SHA256withRSA. Use this option with --external-ca if the external CA does not support the default signing algorithm. .TP diff --git a/install/tools/man/ipa-kra-install.1 b/install/tools/man/ipa-kra-install.1 index b7661f7cc..6c8523aa0 100644 --- a/install/tools/man/ipa-kra-install.1 +++ b/install/tools/man/ipa-kra-install.1 @@ -51,6 +51,9 @@ Output only errors .TP \fB\-\-log-file\fR=\fRFILE\fR Log to the given file +.TP +\fB\-\-pki\-config\-override\fR=\fIFILE\fR +File containing overrides for KRA installation. .SH "EXIT STATUS" 0 if the command was successful diff --git a/install/tools/man/ipa-replica-install.1 b/install/tools/man/ipa-replica-install.1 index c63107d3d..30d491743 100644 --- a/install/tools/man/ipa-replica-install.1 +++ b/install/tools/man/ipa-replica-install.1 @@ -140,6 +140,9 @@ Name of the Apache Server SSL certificate to install \fB\-\-pkinit\-cert\-name\fR=NAME Name of the Kerberos KDC SSL certificate to install .TP +\fB\-\-pki\-config\-override\fR=\fIFILE\fR +File containing overrides for CA and KRA installation. +.TP \fB\-\-skip\-schema\-check\fR Skip check for updated CA DS schema on the remote master diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1 index 019c157fa..1a4d2f658 100644 --- a/install/tools/man/ipa-server-install.1 +++ b/install/tools/man/ipa-server-install.1 @@ -152,6 +152,9 @@ Name of the Kerberos KDC SSL certificate to install. \fB\-\-ca\-cert\-file\fR=\fIFILE\fR File containing the CA certificate of the CA which issued the Directory Server, Apache Server and Kerberos KDC certificates. The file is accepted in PEM and DER certificate and PKCS#7 certificate chain formats. This option may be used multiple times. Use this option if the CA certificate is not present in the certificate files. .TP +\fB\-\-pki\-config\-override\fR=\fIFILE\fR +File containing overrides for CA and KRA installation. +.TP \fB\-\-ca\-subject\fR=\fISUBJECT\fR The CA certificate subject DN (default CN=Certificate Authority,O=REALM.NAME). RDNs are in LDAP order (most specific RDN first). .TP