URL: https://github.com/freeipa/freeipa/pull/450
Title: #450: Add FIPS-token password of HTTPD NSS database
MartinBasti commented:
"""
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/0b9b6b52d7f2e64a52ef8fd570839711311fa254
"""
See the full comment at
https://github.com/freei
URL: https://github.com/freeipa/freeipa/pull/450
Title: #450: Add FIPS-token password of HTTPD NSS database
stlaz commented:
"""
You shouldn't turn FIPS on post-install (is what I think you mean), correct.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/450#issuecomment-279
URL: https://github.com/freeipa/freeipa/pull/450
Title: #450: Add FIPS-token password of HTTPD NSS database
HonzaCholasta commented:
"""
LGTM. I guess we don't have to bother with upgrade, given that you can turn on
FIPS post-install, right?
"""
See the full comment at
https://github.com/free
URL: https://github.com/freeipa/freeipa/pull/450
Title: #450: Add FIPS-token password of HTTPD NSS database
stlaz commented:
"""
That was my original approach to it but we had offline talk with @HonzaCholasta
and got to the point that it might be better to do it this way.
From my point of view
URL: https://github.com/freeipa/freeipa/pull/450
Title: #450: Add FIPS-token password of HTTPD NSS database
rcritten commented:
"""
I guess this is one approach to fix the problem. Would it be cleaner to pass
in, or detect, FIPS mode, and only write out the token that will actually be
used?
""