Bug 602397 - CA cert is installed in NSS databases under different nicknames
Summary: CA cert is installed in NSS databases under different nicknames
Alias: None
Product: freeIPA
Classification: Retired
Component: ipa-server   
(Show other bugs)
Version: 2.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Rob Crittenden
QA Contact: Chandrasekar Kannan
Depends On:
TreeView+ depends on / blocked
Reported: 2010-06-09 19:06 UTC by John Dennis
Modified: 2015-01-04 23:42 UTC (History)
4 users (show)

Fixed In Version: freeipa-2.0.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-03-28 09:36:26 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description John Dennis 2010-06-09 19:06:18 UTC
After doing server and client install on the same machine the CA cert installed in several NSS databases, but the nickname used to refer to the cert is different, they should for consistency and ease of use be referred to by the same name.

/etc/httpd/alias:                 "CA certificate"
/etc/pki/nssdb:                   "IPA CA"
/etc/dirsrv/slapd-<ipa_instance>: "CA certificate"

I would suggest the name "IPA CA" is preferred as it clearly identifies which CA it is.

Comment 1 Rob Crittenden 2010-09-07 19:52:49 UTC
Added as trac task https://fedorahosted.org/freeipa/ticket/181

Comment 2 Martin Kosek 2011-03-22 11:27:10 UTC
Fixed in 3703062ab25a7817581eefa2f89214e8a6244bee.

Note You need to log in before you can comment on or make changes to this bug.