A new way to identify the CAs to trust when importing a PKCS#12 file (like during replica installation). We used to use certutil -O but Fedora 11 changed certutil so it doesn't show untrusted CAs (the whole point of running the command).

Instead parse the output of pk12util -l to find the nicknames of the CAs to trust.


Attachment: freeipa-242-trust.patch
Description: application/mbox

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Freeipa-devel mailing list

Reply via email to