b83ebe0 server install: fix KDC PKINIT configuration

8 files Authored by jcholast 6 years ago, Committed by mbasti 6 years ago,
    server install: fix KDC PKINIT configuration
    
    Set `pkinit_pool` in `kdc.conf` to a CA certificate bundle of all CAs known
    to IPA.
    
    Make sure `cacert.pem` is exported in all installation code paths.
    
    Use the KDC certificate itself as a PKINIT anchor in `login_password`.
    
    https://pagure.io/freeipa/issue/6831
    
    Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
    Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
    
        
file modified
+4 -3
file modified
+4 -1