Standa Laznicka wrote:
> I started a design page for FreeIPA on FIPS-enabled systems:
> Me and Tomáš are still investigating what of all things will need to
> change in order to have FreeIPA on FIPS-enabled RHEL. So far I managed
> to install and run patched FreeIPA server and client and connect them
> There are some issues with NSS when trying to create an HTTPS request
> (apparently, NSS requires an NSS database password to set up an SSL
> connection). I am actually thinking of removing NSSConnection from the
> client altogether.
Can you expand on this a bit? NSS should only need a pin when it needs
access to a private key. What connection(s) are you talking about, and
what would you replace NSSConnection with?
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code