Issue #6659: ipa-backup does not include /root/kracert.p12 - freeipa

freeipa

#6659 ipa-backup does not include /root/kracert.p12

Closed: Fixed None Opened 7 years ago by cheimes.

ipa-backup includes /root/cacert.p12 and /root/ca-cert.p12 but not the PKCS12 files with backup of KRA keys. The file /root/kracert.p12 contains the public and private keys for CN=KRA Transport Certificate, CN=KRA Storage Certificate, CN=CA Subsystem, and
CN=KRA Audit. The CA Subsystem key is also in cacert.p12 but the three private keys for KRA transport, storage and audit are not backed up as PKCS12 file. The backup contains another copy of the KRA privates keys as NSSDB /var/lib/pki/pki-tomcat/alias, though.

mbasti commented 7 years ago

master:

11ef2ca Backup /root/kracert.p12

Metadata Update from @cheimes:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5

7 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

critical

Milestone

FreeIPA 4.5

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

Backup

blocking

None

on_review

https://github.com/freeipa/freeipa/pull/455

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#6659 ipa-backup does not include /root/kracert.p12 Closed: Fixed None Opened 7 years ago by cheimes.

Metadata

#6659 ipa-backup does not include /root/kracert.p12

Closed: Fixed None Opened 7 years ago by cheimes.