Bug 1434729
Summary: | man ipa-cacert-manage install needs clarification | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Petr Vobornik <pvoborni> |
Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
Status: | CLOSED ERRATA | QA Contact: | Varun Mylaraiah <mvarun> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 7.4 | CC: | gkaihoro, mvarun, nsoman, pvoborni, rcritten, tkrizek, tscherf |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-4.5.0-3.el7 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-08-01 09:46:16 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Petr Vobornik
2017-03-22 09:07:37 UTC
Upstream ticket: https://pagure.io/freeipa/issue/6795 Fixed upstream master: https://pagure.io/freeipa/c/3ea2834b76a72c97186b01487e885800754c0fbc ipa-4-5: https://pagure.io/freeipa/c/bb53a9ab6dce023dd51c2a434fd8597eab5bc0d0 [root@bkr-hv03-guest08 ~]# rpm -q ipa-server ipa-server-4.5.0-9.el7.x86_64 [root@bkr-hv03-guest08 ~]# man ipa-cacert-manage | grep "install" ipa-cacert-manage [OPTIONS...] install CERTFILE When the IPA CA is subordinate of an external CA, the renewal process involves submitting a CSR to the external CA and installing the newly issued certificate in IPA, which cannot be done install This command can be used to install the certificate contained in CERTFILE as an additional CA certificate to IPA. Important: this does not replace IPA CA but adds the provided certificate as a known CA. This is useful for instance when using ipa-server-certinstall to replace HTTP/LDAP certificates with third-party certificates signed by this additional CA. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2304 |