Jan Orel wrote:
> this patch removes (IMHO) redundat check in cert_show, which fails when
> host tries to re-submit certificate of different host/service which he
> can manage.
> I also reported the bug here:
> I tired to run the tests as well and it doesn't seem to break anything.
> Any feedpack appriciated.
This works around the "Retrieve Certificates from the CA" ACL when done
as a host.
I guess if the hostname isn't the subject then the host for the subject
needs to be read and then look to see if hostname is in the managed_by list.
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code