Hi Thorsten,

thanks for the patch, but unfortunately it isn't as simple as this - if the provided certificate was issued by our CA, we should still track it.


As part of installer improvements in 4.4, we plan to always track all certificates, even 3rd party ones (this way we can have the same certmonger configuration everywhere, plus the user will be at least warned when the certificate is about to expire), which will also fix this issue.

Does that sound OK?

Honza

--
Jan Cholasta

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to