ipa-replica-install --help shows:
ipa-replica-install --help
certificate system options: --dirsrv-cert-file=FILE File containing the Directory Server SSL certificate and private key --http-cert-file=FILE File containing the Apache Server SSL certificate and private key --pkinit-cert-file=FILE File containing the Kerberos KDC SSL certificate and private key --dirsrv-pin=PIN The password to unlock the Directory Server private key --http-pin=PIN The password to unlock the Apache Server private key --pkinit-pin=PIN The password to unlock the Kerberos KDC private key --dirsrv-cert-name=NAME Name of the Directory Server SSL certificate to install --http-cert-name=NAME Name of the Apache Server SSL certificate to install --pkinit-cert-name=NAME Name of the Kerberos KDC SSL certificate to install --skip-schema-check skip check for updated CA DS schema on the remote master
but man ipa-replica-install has only:
man ipa-replica-install
CERTIFICATE SYSTEM OPTIONS --setup-ca Install and configure a CA on this replica. If a CA is not configured then certificate operations will be forwarded to a master with a CA installed. --no-pkinit Disables pkinit setup steps --skip-schema-check Skip check for updated CA DS schema on the remote master
Btw, we can also see that --no-pkinit's section differs
master:
Metadata Update from @pvoborni: - Issue assigned to frenaud - Issue set to the milestone: FreeIPA 4.4
Login to comment on this ticket.