On Thu, Feb 08, 2018 at 09:43:48PM -0600, Sergei Gerasenko via FreeIPA-users 
wrote:
> Hello,
> 
> I recently upgraded to version 4.5 of FreeIPA. I only upgraded the server, 
> not the clients. Do my clients now have to use pkinit? Or is it optional? How 
> can I check what is being used? I’m concerned that if the environment now is 
> so certificate centric, I will someday be locked out because some certificate 
> has expired.

PKINIT is optional. As along as the users have a password assigned
password authentication should always work.

HTH

bye,
Sumit

> 
> Thanks,
>   Sergei
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
  • [Freeipa-users] pkinit Sergei Gerasenko via FreeIPA-users
    • [Freeipa-users] Re: pkinit Sumit Bose via FreeIPA-users

Reply via email to