Bug 458871

Summary: When using self-signed certs CA is not installed and HTML is not signed
Product: [Retired] Red Hat Enterprise IPA Reporter: Rob Crittenden <rcritten>
Component: ipa-serverAssignee: Rob Crittenden <rcritten>
Status: CLOSED CURRENTRELEASE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0CC: dpal
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-01-21 15:20:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 453489    
Attachments:
Description Flags
set up autoconfig if not installing with PKCS#12 files none

Description Rob Crittenden 2008-08-12 19:22:01 UTC
Description of problem:

When a set of PKCS#12 files is used to install IPA then we don't install the CA cert into /usr/share/ipa/html/ca.crt nor do we try to sign the Firefox autoconfiguration HTML file.

But when letting IPA use self-signed certs we should do that. Unfortunately it isn't.

It appears to be in the call to http.create_instance() in ipa-server-install.

Version-Release number of selected component (if applicable):

ipa-1.0.0-17.el5ipa

Comment 1 Rob Crittenden 2008-08-14 20:19:13 UTC
Created attachment 314354 [details]
set up autoconfig if not installing with PKCS#12 files

Comment 2 Rob Crittenden 2008-08-14 21:43:29 UTC
master: 4be5d862a6a90c61546fc1be082bd3c4f63d8189

Comment 3 Michael Gregg 2008-11-21 23:28:06 UTC
Reinstalling the old ca.crt from the previous install seem to get picked up with new install. 

closed as verified.

verified on version:
ipa-server-1.1.0-2.20081121.el5ipa

Comment 6 Martin Kosek 2015-01-21 15:20:46 UTC
"Red Hat Enterprise IPA" product is not used or maintained. As this bug has a VERIFIED or RELEASE_PENDING status, it can be safely closed.

For further requests for the Red Hat Enterprise Linux Identity Management, please consider filing a Bug to RHEL "ipa" component.