#152 On reconnect to the IPA server, the IPA client shall resync/refresh/renew cached credentials, keytabs, certs and other downloaded entities
Closed: Invalid None Opened 14 years ago by sgallagh.

On reconnect to the IPA server, the IPA client shall resync/refresh/renew cached credentials, keytabs, certs and other downloaded entities (policies and configuration information for applications). It is about cert refresh.


We need a smarter policy; we can't make all clients do a bulk refresh as soon as a server comes up, or we may kill it with excess connections and load to satisfy all requests at the same time.

As we mentioned before, this ticket is reduced in scope to tracking the certs.
The cert tracking utility should be smart enough to ask for certs at the right time.

I think the logic should probably be:
If currentTime - lastSuccessCheckTime >= configuredValue
If network status changed - Try to refresh certs
else go idle and try later

Fields changed

milestone: SSSD 0.6.0 => SSSD Deferred
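
The refresh check proposed in the comment above, combined with a randomized delay that addresses the bulk-refresh load concern raised earlier, as an added example (not SSSD or certmonger code). It reads the pseudocode as requiring both conditions to hold; the jitter, the function names and every number are assumptions made for illustration.

```python
import random

def should_refresh(now, last_success, min_interval, network_changed):
    """Assumed reading of the proposed logic: refresh only when the configured
    interval has elapsed AND the network status changed; otherwise stay idle."""
    return (now - last_success) >= min_interval and network_changed

def refresh_delay(rng, spread):
    """Assumed addition: wait a random number of seconds in [0, spread] so that
    clients which see the server come back together do not all connect at once."""
    return rng.uniform(0, spread) if spread > 0 else 0.0

def peak_requests_per_second(n_clients, spread, seed=0):
    """Simulate n_clients noticing a reconnect at the same instant and return
    the largest number of refresh requests landing in any one-second bucket."""
    rng = random.Random(seed)
    now = 100_000            # constructed timestamp of the reconnect, in seconds
    min_interval = 3600      # constructed "configuredValue": one hour
    buckets = {}
    for _ in range(n_clients):
        # Constructed sample data: last successful check 0 to 2 hours ago.
        last_success = now - rng.randint(0, 7200)
        if not should_refresh(now, last_success, min_interval, True):
            continue         # checked recently: go idle and try later
        second = int(refresh_delay(rng, spread))
        buckets[second] = buckets.get(second, 0) + 1
    return max(buckets.values(), default=0)

if __name__ == "__main__":
    for spread in (0, 60, 300):
        peak = peak_requests_per_second(1000, spread)
        print(f"spread={spread:>3}s  peak requests in one second: {peak}")
```

With no spread, every client that is due hits the server in the same second; spreading the same requests over a few minutes cuts the peak by well over an order of magnitude.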

Fields changed

milestone: SSSD Deferred => SSSD 1.2

Moving back to Deferred.

We don't have any certificates that need tracking right now. All communications in the IPA backend are protected by GSSAPI/KRB5.

milestone: SSSD 1.2 => SSSD Deferred

Fields changed

rhbz: => 0

This is now done by the certmonger project so closing this ticket.

blockedby: =>
blocking: =>
coverity: =>
feature_milestone: =>
patch: => 0
proposed_priority: => Undefined
resolution: => wontfix
status: new => closed
upgrade: => 0

Metadata Update from @sgallagh:
- Issue assigned to sgallagh
- Issue set to the milestone: SSSD Patches welcome

7 years ago

SSSD is moving from Pagure to GitHub. This means that new issues and pull requests
will be accepted only in SSSD's GitHub repository.

This issue has been cloned to GitHub and is available here:
- https://github.com/SSSD/sssd/issues/1194

If you want to receive further updates on the issue, please navigate to the GitHub issue
and click on the subscribe button.

Thank you for understanding. We apologize for all inconvenience.
