On 10/14/2013 09:32 PM, Erinn Looney-Triggs wrote: > On 10/14/2013 10:26 AM, Rob Crittenden wrote: >> Erinn Looney-Triggs wrote: >>> Folks, I wanted to touch base with y'all about how/if work is >>> progressing on the ability to replace the CA certificate. My >>> certificate is a subordinate of an AD CS instance and will be expiring >>> in December, after two years. Some how, some way, without rebuilding I >>> would like to be able to replace this subordinate CA. >>> >>> There is a ticket open for this, last I checked not much was said in >>> the ticket: https://fedorahosted.org/freeipa/ticket/3304 >>> >> >> http://www.freeipa.org/page/V3/CA_certificate_renewal >> >> There was a discussion of this proposal on freeipa-devel, >> https://www.redhat.com/archives/freeipa-devel/2013-October/msg00073.html >> >> >> rob > > Rob, > > Brilliant, thanks for the pointers to the info and the discussion. > > -Erinn >
Erinn, I will be talking to my colleague (Jan Cholasta) and even if the referred feature is not released until December, we will provide you either with a tool to do the renewal, or a manual procedure how to do it if the tool is not ready until that time. So, keep in touch. -- Martin Kosek <mko...@redhat.com> Supervisor, Software Engineering - Identity Management Team Red Hat Inc. _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users