Bug 1455054
Summary: | ipa-ca-install command installs CA on replica even if cert file is not specified with --external-cert-file option | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Mohammad Rizwan <myusuf> |
Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
Status: | CLOSED WONTFIX | QA Contact: | ipa-qe <ipa-qe> |
Severity: | unspecified | Docs Contact: | |
Priority: | low | ||
Version: | 8.0 | CC: | pasik, pcech, pvoborni, rcritten, tscherf |
Target Milestone: | rc | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-11-30 14:15:37 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mohammad Rizwan
2017-05-24 07:36:04 UTC
--external_cert_file option in ipa-ca-install is used for upgrading CA-less setup to setup with CA. In other cases, this option is ignored and thus probably misses validation. A bug but I'd say with lower priority. Upstream ticket: https://pagure.io/freeipa/issue/6985 I'm inclined to close this as not a bug. This is the equivalent of setting it to nothing, which is the default anyway, so it is just a superfluous option. It is a no-op so I don't think we should throw an error. RHEL-7.7 is already near the end of a Development Phase and development is being wrapped up. I am bulk-moving to RHEL 8 the Bugs which were already triaged, but to which we did not commit (without devel_ack) and we cannot keep them even as a stretch goal for RHEL-7.7. If you believe this particular bug should be reconsidered for 7.7, please let us know. This BZ has been evaluated multiple times over the last several years and we assessed that it is a valuable request to keep in the backlog and address it at some point in future. Time showed that we did not have such capacity, nor have it now nor will have in the foreseeable future. In such a situation keeping it in the backlog is misleading and setting the wrong expectation that we will be able to address it. Unfortunately we will not. To reflect this we are closing this BZ. If you disagree with the decision please reopen or open a new support case and create a new BZ. However this does not guarantee that the request will not be closed during the triage as we are currently applying much more rigor to what we actually can accomplish in the foreseeable future. Contributions and collaboration in the upstream community and CentOS Stream is always welcome! Thank you for understanding Red Hat Enterprise Linux Identity Management Team |