Petr Spacek wrote:
Hi,

our docs

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/install-server.html#install-determine-ca

claim this:
"The certmonger service is not used to track certificates. Therefore, it does
not warn you of impending certificate expiration."

Is this correct?

Can we at least configure certmonger to passively track the certificates and
throw warning about impending expiration into logs?


Throw a warning where? Register an e-mail address as part of the tracking perhaps?

It would probably be fairly easy to write a "CA" that sends an e-mail. The trick, and this has always tripped us up, is having an MTA configured.

rob

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to