On 07/16/2012 01:35 PM, Rob Crittenden wrote:
Nalin Dahyabhai wrote:
On Mon, Jul 16, 2012 at 09:23:24AM -0400, Rob Crittenden wrote:
Use the new certmonger capability to be able to renew the dogtag
subsystem certificates (audit, OCSP, etc).
Are the copies of the certificates in the pki-ca CS.cfg file being
updated elsewhere? Or is it not turning out to be a problem if they
I didn't test validating OCSP signatures but the audit subsystem
seemed fine (it complained wildly when I had the wrong trust in the
Andrew, do I need to update CS.cfg as well?
Yes, you may need update CS.cfg too.
Freeipa-devel mailing list