Right now, the only way to distinguish between an existing CA install and a externally signed CA install is whether or not a CSR path is provided in the step 1 invocation of pkispawn.
CSR location provided -> keys and CSR generated -> externally signed CA install. CSR location not provided -> keys and CSR not generated -> existing CA install.
This is not very intuitive or robust. Moreover, there is absolutely no reason why the existing CA option should require two invocations of pkispawn.
I propose we simplify as follows:
Per CS/DS Meeting of 2016/01/25: 10.3 - minor
[2016/01/25] - this should fit into the "existing CA" design document (or man page)
Fixed in master:
Additional change in master:
Metadata Update from @vakwetu: - Issue assigned to edewata - Issue set to the milestone: 10.3.0.b1
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2294
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.