#944 ldap_tls_cacert's default value in IPA provider should be /etc/ipa/ca.crt
Closed: Fixed None Opened 8 years ago by jhrozek.

ipa-client-install sets the option so for all client installs anyway. Changing the default might allow us to get rid of the explicit setting in the future making the domain configuration nicer again.


I assume you mean ONLY in the IPA provider, and not for the LDAP provider.

I don't want to change it for the LDAP provider, since it would break backwards-compatibility.

component: SSSD => IPA Provider
milestone: NEEDS_TRIAGE => SSSD 1.6.0
owner: somebody => jhrozek
priority: major => trivial

Replying to [comment:1 sgallagh]:

I assume you mean ONLY in the IPA provider, and not for the LDAP provider.

I don't want to change it for the LDAP provider, since it would break backwards-compatibility.

Of course only in IPA

Fields changed

summary: ldap_tls_cacert's default value should be /etc/ipa/ca.crt => ldap_tls_cacert's default value in IPA provider should be /etc/ipa/ca.crt

Fields changed

owner: jhrozek => sgallagh
status: new => assigned

Fixed by d2d90b7

owner: sgallagh => jhrozek
patch: 0 => 1
status: assigned => new

Fields changed

resolution: => fixed
status: new => closed

Backported to sssd-1-5

f14b8f9

milestone: SSSD 1.6.0 => SSSD 1.5.12

Fields changed

rhbz: => 0

Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.5.12

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1986

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata