Issue #1523: Fix external CA install - freeipa

freeipa

#1523 Fix external CA install

Closed: Fixed None Opened 12 years ago by jcholast.

There are several issues with external CA install:
- The file /root/ipa.csr must exist in order to start the second step, but it isn't used anywhere in the second step,
- when reading the answer cache, the installer asks for confirmation of the directory manager password,
- the default hostname is stored in the answer cache instead of the hostname specified by the user,
- DNS forwarders and reverse zone aren't stored in the answer cache.

rcritten commented 12 years ago

/root/ipa.csr is passed in as csr_file into the constructor in cainstance.py. It gets passed into pkisilent with -ext_csr_file.

The answer cache is encrypted using the DM password which is why we propmt for it. The prompt may not be the best.

rcritten commented 12 years ago

master: a264125

ipa-2-0: d466612

Metadata Update from @jcholast:
- Issue assigned to jcholast
- Issue set to the milestone: FreeIPA 2.1 - 2011/07

7 years ago

Metadata

Assignee

jcholast

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 2.1 - 2011/07

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#1523 Fix external CA install Closed: Fixed None Opened 12 years ago by jcholast.

Metadata

#1523 Fix external CA install

Closed: Fixed None Opened 12 years ago by jcholast.