Administrators need a way to retrieve the certificate or certificate chain of an IPA-managed lightweight CA.
Add --certificate-out and --certificate-chain-out options to the ca-show command.
ca-show
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1367868
4.4.2 is a stabilization milestone.
master:
Commit 32b1743 breaks our out-of-tree testing suite on Fedora 25:
<SNIP> except errors.PublicError as got_exception: > assert type(expected_exception) is type(got_exception) E assert <class 'ipalib.errors.NotFound'> is <class 'ipalib.errors.NetworkError'> E + where <class 'ipalib.errors.NotFound'> = type(NotFound(u'+tuser1: user not found',)) E + and <class 'ipalib.errors.NetworkError'> = type(NetworkError(u"cannot connect to 'https://master1.ipa.test/ipa/session/json': ...CIPHERS_SUPPORTED) No cipher suites are present and enabled in this program.",)) /usr/lib/python2.7/site-packages/ipatests/test_xmlrpc/xmlrpc_test.py:413: AssertionError ----------------------------- Captured stdout call ----------------------------- Ran command: ipaclient.plugins.user.user_show()(u'+tuser1', version=u'2.217'): NetworkError: cannot connect to 'https://master1.ipa.test/ipa/session/json': (SSL_ERROR_NO_CIPHERS_SUPPORTED) No cipher suites are present and enabled in this program. ======= 254 failed, 576 passed, 98 skipped, 1756 error in 254.59 seconds =======
making Travis CI unusable. Reopening the ticket in order to investigate.
Metadata Update from @ftweedal: - Issue assigned to ftweedal - Issue set to the milestone: FreeIPA 4.5
Login to comment on this ticket.