On 10/14/2013 09:32 PM, Erinn Looney-Triggs wrote:
> On 10/14/2013 10:26 AM, Rob Crittenden wrote:
>> Erinn Looney-Triggs wrote:
>>> Folks, I wanted to touch base with y'all about how/if work is
>>> progressing on the ability to replace the CA certificate. My
>>> certificate is a subordinate of an AD CS instance and will be expiring
>>> in December, after two years. Some how, some way, without rebuilding I
>>> would like to be able to replace this subordinate CA.
>>> There is a ticket open for this, last I checked not much was said in
>>> the ticket: https://fedorahosted.org/freeipa/ticket/3304
>> http://www.freeipa.org/page/V3/CA_certificate_renewal
>> There was a discussion of this proposal on freeipa-devel, 
>> https://www.redhat.com/archives/freeipa-devel/2013-October/msg00073.html
> Rob,
> Brilliant, thanks for the pointers to the info and the discussion.
> -Erinn

Erinn, I will be talking to my colleague (Jan Cholasta) and even if the
referred feature is not released until December, we will provide you either
with a tool to do the renewal, or a manual procedure how to do it if the tool
is not ready until that time.

So, keep in touch.

Martin Kosek <mko...@redhat.com>
Supervisor, Software Engineering - Identity Management Team
Red Hat Inc.

Freeipa-users mailing list

Reply via email to