Bug 1328472 - ca cert renewal
Summary: ca cert renewal
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: doc-Linux_Domain_Identity_Management_Guide
Version: 7.2
Hardware: All
OS: Linux
high
medium
Target Milestone: rc
: ---
Assignee: Aneta Šteflová Petrová
QA Contact: Namita Soman
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-04-19 13:21 UTC by Thorsten Scherf
Modified: 2019-10-10 11:54 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-29 07:23:13 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 272493 0 None None None 2016-04-19 14:14:33 UTC

Description Thorsten Scherf 2016-04-19 13:21:33 UTC
Description of problem:

I'm referring to our current documentation:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/manual-cert-renewal.html

I'm proposing the following changes:

29.3. Manual CA Certificate Renewal

All instructions are listed under this section:

"""
To manually renew the Dogtag CA certificate signed by an external CA: """

"""
1. Run the ipa-cacert-manage renew command. """

This should be
1. Run the ipa-cacert-manage renew command and --external-ca option: ipa-cacert-manage renew --external-ca


"""
5. Run the ipa-certupdate utility on all clients to update them with the
information about the new certificate from LDAP. You have to run
ipa-certupdate on every client separately. """

This should be
5. Run the ipa-certupdate utility on all clients and replicas to update them with the information about the new certificate from LDAP. You have to run ipa-certupdate on every client and replica separately.
Also looping in Martin for his comments.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 4 Aneta Šteflová Petrová 2016-06-20 10:33:10 UTC
I applied the changes proposed in this BZ for section "29.3. Manual CA Certificate Renewal":
* The ipa-cacert-manage renew step for an external CA now includes --external-ca
* Both ipa-certupdate steps now mention clients and replicas


Note You need to log in before you can comment on or make changes to this bug.