Red Hat Bugzilla – Bug 974482
RFE: add freeipa CA to the system-wide trust store
Last modified: 2013-06-14 07:03:21 EDT
Description of problem:
Fedora from F19 on has a shared trust store where CA's can be added and removed on the fly.  FreeIPA should add it's CA there as well if it creates one. CLI instructions to achieve that are described at .
IMO it's in FreeIPA scope to manage CAs in the clients, too, but that's matter for another RFE (that would span SSSD, too).
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Good point. Current plan is to do that in Fedora 20 as I think it won't be just a matter of just running these 2 commands. IPA also configures other services and their certificates (ldap, http), we also have several certificate operation modes (dogtag vs. ca-less install) which needs to be well thought through.
Anyway, marking this Bug as duplicate to Bug 928478 which was already filed for Fedora.
*** This bug has been marked as a duplicate of bug 928478 ***