Bug 1313679
Summary: | Section 14.2.3., specify that CSRs are generated on nodes, not on IdM server | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Roland Wolters <rwolters> |
Component: | doc-Linux_Domain_Identity_Management_Guide | Assignee: | Aneta Šteflová Petrová <apetrova> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Namita Soman <nsoman> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.4 | CC: | apetrova, mkosek, rhel-docs, rwolters |
Target Milestone: | rc | Keywords: | Documentation, EasyFix |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-07-29 07:23:06 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Roland Wolters
2016-03-02 08:18:58 UTC
It is at least better than the original version. I would still have added a line saying that the certificate stays on a server different than the IdM, but this version is at least not as confusing as the original one. You can close if you want. Thanks for the update Roland. We will have a look at this BZ and make the change. I added an Important admonition to 17.1.1.: ---------- Services typically run on dedicated service nodes on which the private keys are stored. Copying a service's private key to the IdM server is considered insecure. Therefore, when requesting a certificate for a service, create the CSR on the service node, not on the IdM server. ---------- Roland, is this okay? |