Bug 976788
| Summary: | pki-ca 9.0.26 adds new required option, -client_token_name | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Rob Crittenden <rcritten> |
| Component: | freeipa | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 17 | CC: | abokovoy, alee, cfu, jmagne, mharmsen, mkosek, rcritten, ssorce |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | pki-core-9.0.27-1.fc17 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-06-27 01:59:29 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Rob Crittenden
2013-06-21 13:11:21 UTC
Hi, this is by no means asking one to add any new parameter permanently to their scripts, but in case you need it working before the official fix can be provided, you could add the following as a workaround to run pkisilent before the official fix is provided:
-client_token_name "internal"
-save_p12 "false"
-backup_pwd "redhat"
btw, I think you only need to add the "save_p12" and "backup_pwd" like above if you don't want to save the p12. If you already want to save the p12, then you should already have the two lines accordingly.
Please accept our apology for the inconvenience. Thank you.
freeipa-2.2.2-2.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/freeipa-2.2.2-2.fc17 I produced a fixed build of FreeIPA for Fedora 17 which adds -client_token_name option for pkisilent. Can you Rob or Christina please run a quick test ipa-server-install and give karma? The package would then automatically be added to stable updates. This fixes the server installation issue but I was under the impression that the pki-ca package was going to address this. I wanted to release this quick fix for IPA in order to fix FreeIPA installation until Dogtag decides to build another version and until it lands in F17 (as Christina suggested). Actually, Jack checked in the official fix into the Dogtag 9 tree. I'm not sure how the build process is there, you just need to pick up the new build. With that new build, you don't need to have the workaround. I suggest you get on #dogtag-pki and ask alee about the build. We'll get a new build out in bodhi today. Jack Magne checked in the following patch to 'DOGTAG_9_BRANCH': * 6b4cef9b3bead64b34395a5c3e0071a35aff9fbb Matthew Harmsen checked in the following patch (fixing templates) to 'DOGTAG_9_BRANCH': * ade7453af3dffcc29393f20e33c902906f8ae9fb pki-core-9.0.27-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/pki-core-9.0.27-1.fc17 freeipa-2.2.2-2.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. pki-core-9.0.27-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. |