URL: https://github.com/freeipa/freeipa/pull/584
Title: #584: Improve the implementation of PKINIT certificate retrieval

MartinBasti commented:
"""
master:

* 95768de06fbef78169329af12b29e4d65e4bf157 Make PKINIT certificate request 
logic consistent with other installers
* b5b23e073e59930e4dcf14ea8031c2c0441e6344 Request PKINIT cert directly from 
Dogtag API on first master
* bd18b5f91e3f98fa877def245c54c1cd33bd372e Move PKINIT configuration to a later 
stage of server/replica install
* 069948466e81d99a0dd48ffffa32af50351d0189 Make wait_for_entry raise exceptions
* 8f4abf7bc1607fc44f528b8a443b69cb82269e69 check that the master requesting 
PKINIT cert has KDC enabled
* b45629fc480e61464b402ac2fc52c6f9fc61df0e check for replica's KDC entry on 
master before requesting PKINIT cert
* a1686a90c0cc8c16c89ef1bada7f507729bf3252 Try out anonymous PKINIT after it is 
configured
"""

See the full comment at 
https://github.com/freeipa/freeipa/pull/584#issuecomment-286782263
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to