freeipa

Clone
Source Code
GIT

2768b0d Require an ipa-ca SAN on 3rd party certs if ACME is enabled

Authored and Committed by rcritten 3 years ago
raw patch tree parent
4 files changed. 49 lines added. 2 lines removed.
install/tools/man/ipa-server-certinstall.1
file modified
+2 -0
ipaserver/install/cainstance.py
file modified
+25 -0
ipaserver/install/ipa_acme_manage.py
file modified
+9 -1
ipaserver/install/ipa_server_certinstall.py
file modified
+13 -1 
    Require an ipa-ca SAN on 3rd party certs if ACME is enabled
    
    ACME requires an ipa-ca SAN to have a fixed URL to connect to.
    If the Apache certificate is replaced by a 3rd party cert then
    it must provide this SAN otherwise it will break ACME.
    
    https://pagure.io/freeipa/issue/8498
    
    Signed-off-by: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
    Reviewed-By: Mohammad Rizwan <myusuf@redhat.com>
file modified
+2 -0
file modified
+25 -0
file modified
+9 -1
file modified
+13 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.