IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 00:31:56 -06:00
Code Issues Packages Projects Releases Wiki Activity
f769045f0a
freeipa/ipalib/install
History
Jan Cholasta f769045f0a server install: fix KDC PKINIT configuration 
Set `pkinit_pool` in `kdc.conf` to a CA certificate bundle of all CAs known
to IPA.

Make sure `cacert.pem` is exported in all installation code paths.

Use the KDC certificate itself as a PKINIT anchor in `login_password`.

https://pagure.io/freeipa/issue/6831

Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2017-05-19 12:31:24 +02:00
..
__init__.py install: introduce installer class hierarchy 2016-11-11 12:17:25 +01:00
certmonger.py renew agent: get rid of virtual profiles 2017-05-15 12:14:28 +02:00
certstore.py certdb: use custom object for trust flags 2017-05-19 12:31:24 +02:00
hostname.py Fixed typo in ipa-client-install output 2017-05-02 13:41:20 +02:00
kinit.py server install: fix KDC PKINIT configuration 2017-05-19 12:31:24 +02:00
service.py install: re-introduce option groups 2017-03-13 10:12:40 +01:00
sysrestore.py ipapython: move certmonger and sysrestore to ipalib.install 2016-11-29 14:50:51 +01:00