928479 – Install CA anchor into standard location

Bug 928479 - Install CA anchor into standard location

Summary: Install CA anchor into standard location

Keywords:
Status:	CLOSED DUPLICATE of bug 928478
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	freeipa
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Rob Crittenden
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-03-27 18:09 UTC by Stef Walter
Modified:	2013-03-27 18:12 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2013-03-27 18:12:42 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Stef Walter 2013-03-27 18:09:12 UTC

As part of this Fedora feature, we're working on having a standard location and API for installing system trust anchors. 

https://fedoraproject.org/wiki/Features/SharedSystemCertificates

In Fedora 19 there's a standard location for Admins to add these system trust anchors. In Fedora 20, we want to add standard tools to do this task.

ipa-client-install currently adds the root certificate for the domain to  /etc/pki/nssdb. By instead using these new facilities, all applications using any of the standard locations (via OpenSSL, GnuTLS, NSS, java, and so on) will be able to use the FreeIPA CA root as a trusted anchor.

Comment 1 Stef Walter 2013-03-27 18:12:42 UTC


*** This bug has been marked as a duplicate of bug 928478 ***

Note You need to log in before you can comment on or make changes to this bug.