During external CA phase 1 and 2, things could happen (HSM shutdown, OS shutdown, power outage, etc.) and the installation is not able to continue due to the server's inability to restart and resume the installation. We can make it so that between phase 1 and phase 2, a clean shutdown (and restart) can be conducted.
This ticket was filed as a preventive measure to the issue that if something happens between step 1 and step 2 of the "external CA" option, it will not cause disaster again.
However, it just occurred to me that once the ticket, https://fedorahosted.org/pki/ticket/456 The user have a chance to import own CA certificate with private key, is implemented, it can be used instead of the "external CA" option to achieve "external CA" in one single step.
We can either keep this ticket around as a possible "round 2" of 456, or we can close it if 456 was done in completion.
Per CS/DS meeting of 11/02/2015: 10.3 - critical
This is fixed in #456 by moving the server startup to step 2.
Metadata Update from @cfu: - Issue set to the milestone: 10.3.0
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2240
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.