URL: https://github.com/freeipa/freeipa/pull/694
Title: #694: RFC: implement local PKINIT deployment in server/replica install

martbab commented:
@MartinBasti I haven't thought about CA-less -> CA-full but in this case you 
would have local PKINIT and should configure full PKINIT manually

All the other scenarios should be covered by the incoming code.

Regarding your comment on the certmonger helper/special CA, we (me and 
@HonzaCholasta ) decided to remove it and use a self-sign CA instead.

See the full comment at 
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to