On 07/12/2013 01:19 PM, Rob Crittenden wrote:
> Erinn Looney-Triggs wrote:
>> Is there a reason that ipa-client-install does not add the CA of the IPA
>> server to the ca-bundle.crt file in /etc/pki/certs/?
>>
>> Seems like it would be a reasonable move to do that.
>>
>> I know it imports the CA into /etc/pki/nssdb.
>>
>> Hopefully I didn't miss something that allows it to. But I wanted to
>> check if there was a good reason for it not to before going and filing
>> an RFE.
> 
> We will as part of the shared system certificates effort,
> http://fedoraproject.org/wiki/Features/SharedSystemCertificates Our
> ticket is https://fedorahosted.org/freeipa/ticket/3504
> 
> They are working on tools to make managing these certificates easier for
> F-20.
> 
> rob
> 
> 

Yeah I saw that effort for F19, I think it is excellent and well time
for it. Glad to know it is on the radar. For those of us in RHEL land at
least for now, it looks like this won't help.

Thanks,
-Erinn

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to