7d80679 Add pkinit config and ipa certs

Authored and Committed by ryanlerch 3 years ago
    Add pkinit config and ipa certs
    In the FAS replacement being rolled out in 2021, that uses freeipa and
    noggin, if a user has 2FA enabled, they need some extra configuration to
    get kinit working with 2FA. This adds this configuration and the
    required certificates to get it working.
    If a user has 2FA enabled and needs to get a kerberos ticket,
    First they bneed to Run the following command to initialize the
    credentials cache. Note that this command creates the `armor.ccache`
    file that you will need to point to whenever you request a new kerberos
     kinit -n @FEDORAPROJECT.ORG -c FILE:armor.ccache
    Finally, request the kerberos ticket with the following command:
     kinit -T FILE:armor.ccache <username>@FEDORAPROJECT.ORG
    You will be presented with the following prompt, be sure to
    *Enter your password first, followed by the OTP Token Value*:
     Enter OTP Token Value:
    Signed-off-by: Ryan Lerch <rlerch@redhat.com>
file modified
+6 -0
file modified
+5 -1