On 02/27/2015 02:26 PM, Martin Basti wrote:
On 27/02/15 14:21, Martin Basti wrote:
On 26/02/15 15:54, David Kupka wrote:
On 02/26/2015 02:55 PM, Rob Crittenden wrote:
Martin Basti wrote:
On 26/02/15 10:57, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4902
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
Works for me, ACK.
NACK.
If you simply pass in /etc/ipa/ca.crt as the cacert path then it will
use TLS.
rob
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
Thanks for the catch Rob. Updated patch attached.
Hello, I tested it again, just nitpick:
1)
Can you also update the commit message?
Never mind, I accidentally read old commit message. sorry.
And question:
I found, if you erase /etc/ipa/ca.crt from client and use --server
option pointing to different IPA server (LDAP repectively) out of
realm, ipa-client-atomount returns success. Is this behavior good?
This happens without this patch as well.
First of all this never happens if you rely on DNS discovery so most
user will never encounter this behavior,
BUT it would be nice to add a check and warn the user that he is doing
something unwise and will probably regret :-)
Could you please file a ticket?
Martin^2
--
David Kupka
_______________________________________________
Freeipa-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-devel
