602397 – CA cert is installed in NSS databases under different nicknames

Bug 602397 - CA cert is installed in NSS databases under different nicknames

Summary: CA cert is installed in NSS databases under different nicknames

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	freeIPA
Classification:	Retired
Component:	ipa-server
Sub Component:
Version:	2.0
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Rob Crittenden
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-06-09 19:06 UTC by John Dennis
Modified:	2015-01-04 23:42 UTC (History)
CC List:	4 users (show)
Fixed In Version:	freeipa-2.0.0-1.fc15
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-03-28 09:36:26 UTC
Embargoed:

Attachments	(Terms of Use)

Description John Dennis 2010-06-09 19:06:18 UTC

After doing server and client install on the same machine the CA cert installed in several NSS databases, but the nickname used to refer to the cert is different, they should for consistency and ease of use be referred to by the same name.

/etc/httpd/alias:                 "CA certificate"
/etc/pki/nssdb:                   "IPA CA"
/etc/dirsrv/slapd-<ipa_instance>: "CA certificate"

I would suggest the name "IPA CA" is preferred as it clearly identifies which CA it is.

Comment 1 Rob Crittenden 2010-09-07 19:52:49 UTC

Added as trac task https://fedorahosted.org/freeipa/ticket/181

Comment 2 Martin Kosek 2011-03-22 11:27:10 UTC

Fixed in 3703062ab25a7817581eefa2f89214e8a6244bee.

Note You need to log in before you can comment on or make changes to this bug.