Bug 998546

Summary: Shared Certificate Tools
Product: [Fedora] Fedora Reporter: Jaroslav Reznik <jreznik>
Component: Changes TrackingAssignee: Jaroslav Reznik <jreznik>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: bugzilla, herrold, stefw
Target Milestone: ---Keywords: Tracking
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: p11-kit-0.19.4-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1021132 1021133 (view as bug list) Environment:
Last Closed: 2013-12-18 14:00:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1021132, 1021133    

Description Jaroslav Reznik 2013-08-19 13:47:54 UTC
This is a tracking bug for Change: Shared Certificate Tools
For more details, see: http://fedoraproject.org//wiki/Changes/SharedCertificateTools

Fedora now has infrastructure for sharing system trusted certificates between the various crypto libraries.

Comment 1 Stef Walter 2013-08-29 12:32:51 UTC
Substantiably testable using p11-kit-0.19.4 which is in Fedora 20.

Comment 2 Jaroslav Reznik 2013-10-11 08:46:13 UTC
This message is a reminder that Fedora 20 Accepted Changes 100%
Completed Deadline is on 2013-10-15 [1].

All Accepted Changes has to be code complete and ready to be
validated in the Beta release (optionally by Fedora QA). Required
bug state at this point is ON_QA.

As for several System Wide Changes, Beta Change Deadline is a
point of contingency plan, all incomplete Changes will be 
reported to FESCo for 2013-10-16 meeting. In case of any
questions, don't hesitate to ask Wrangler (jreznik).

[1] https://fedoraproject.org/wiki/Releases/20/Schedule

Comment 3 Jaroslav Reznik 2013-10-21 13:35:09 UTC
Change is completed, moving to ON_QA as agreed with the owner.

Comment 4 Jaroslav Reznik 2013-12-18 14:00:32 UTC
Closing this bug as this Change was delivered in Fedora 20 release. Please, reopen in case of any issues you encounter regarding this Change completion.

Comment 5 David Mansfield 2013-12-18 16:36:27 UTC
* the page https://fedoraproject.org/wiki/Changes/SharedCertificateTools says that updates will be made there with 'commands to run'


What are the "commands to run" to use this new functionality?

I see the p11-kit-trust.so module, but there is no man page, and nothing that google can find.

I have a company issued CA certificate to install and trust for my brand new Fedora 20 install...

Boo hoo.  This is always such a pain in the ass (which I realize is the whole point of this functionality! So don't take it as an attack, I thank you a million times for cleaning this up).

Maybe we still are at the "put the file in the directory and run update-ca-trust" point.