freeipa

Clone
Source Code
GIT

#3504 [RFE] Use system shared CA trust
Closed: Fixed None Opened 11 years ago by rcritten.

Closed: Fixed
Reopen Issue

F-19 is introducing a new feature that will make publishing a CA certificate both easier and system-wide for all crypto libraries:

https://fedoraproject.org/wiki/Features/SharedSystemCertificates

This will make it possible to avoid the CA trust issues in client browsers on enrolled systems.

Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=928478 (Fedora)

3.4 development was shifted by one month, moving tickets to reflect reality better.

Adjusting time plan - 3.4 development was postponed as we focused on 3.3.x testing and stabilization.

Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1031111 (Red Hat Enterprise Linux 7)
  • master: 60b4724 - Add f19 platform file
  • master: 4a0e914 - Publish CA certificate to systemwide store

Metadata Update from @rcritten:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 4.0 - 2013/11
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
enhancement
None
None
Certificate management
None
1
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=928478, https://bugzilla.redhat.com/show_bug.cgi?id=1031111
None
ipa-client-install now uploads FreeIPA CA certificate in a system-wide certificate store, thus making it trusted by all other services on the OS.
N/A (minor feature)
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.