Hide Forgot
Description of problem: I'm referring to our current documentation: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/manual-cert-renewal.html I'm proposing the following changes: 29.3. Manual CA Certificate Renewal All instructions are listed under this section: """ To manually renew the Dogtag CA certificate signed by an external CA: """ """ 1. Run the ipa-cacert-manage renew command. """ This should be 1. Run the ipa-cacert-manage renew command and --external-ca option: ipa-cacert-manage renew --external-ca """ 5. Run the ipa-certupdate utility on all clients to update them with the information about the new certificate from LDAP. You have to run ipa-certupdate on every client separately. """ This should be 5. Run the ipa-certupdate utility on all clients and replicas to update them with the information about the new certificate from LDAP. You have to run ipa-certupdate on every client and replica separately. Also looping in Martin for his comments. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
I applied the changes proposed in this BZ for section "29.3. Manual CA Certificate Renewal": * The ipa-cacert-manage renew step for an external CA now includes --external-ca * Both ipa-certupdate steps now mention clients and replicas
Published with the latest update: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html