Bug 323281 - unhelpful message for TLS LDAP cert
unhelpful message for TLS LDAP cert
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: authconfig (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
:
Depends On:
Blocks: F9Target
  Show dependency treegraph
 
Reported: 2007-10-08 12:36 EDT by cje
Modified: 2008-01-09 17:50 EST (History)
0 users

See Also:
Fixed In Version: authconfig-5.3.19-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-09 17:50:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description cje 2007-10-08 12:36:59 EDT
if you select 'Use network login' and then say you're using LDAP with TLS then
it asks for a CA cert for the LDAP server.  the message tells you to copy the
cert file into a specific folder.  but you can't do that yet!

i _think_ the dialog will work if you use a URL for the CA cert file, but the
message doesn't suggest that.
Comment 1 Tomas Mraz 2007-10-08 13:37:00 EDT
If you can't do that on firstboot, you can certainly do that later. There is
also a button for the download of the CA cert from URL. The only change I can
see is to move/copy the button from the LDAP options dialog to the message box
which asks you for the copying.
Comment 2 cje 2007-10-09 15:01:23 EDT
hmm.  why not make it URL only?  (if people have the cert locally they could use
a file:// URL.)

copying a file into a special location sounds a bit 'system' to me!  isn't that
what this dialog is doing anyway - downloading the file from the URL and copying
it to that location for you?

then the message can just be a "you must enter the URL of the CA certificate
file, for example, http://www.mycompany.com/ca.cert" type of thing.  that can
pop up if the field is left blank.

i think that would work for both the firstboot scenario and the 'regular use'
scenario and wouldn't leave users frustrated by confusing instructions on firstboot.
Comment 3 Tomas Mraz 2007-10-09 15:13:51 EDT
OK, this, or something very similar to your proposal seems reasonable.
Comment 4 Tomas Mraz 2008-01-09 17:50:20 EST
Hopefully fixed now.

Note You need to log in before you can comment on or make changes to this bug.