With Dogtag, the feature is not needed any more. It's also untested, and likely broken.
Specifically this proposes to remove these options from ipa-server-install:
--dirsrv_pkcs12=DIRSRV_PKCS12 --http_pkcs12=HTTP_PKCS12 --dirsrv_pin=DIRSRV_PIN --http_pin=HTTP_PIN
And the tool ipa-server-certinstall.
Also the --pkinit_{pkcs12,pin} options.
--pkinit_{pkcs12,pin}
Related BZ https://bugzilla.redhat.com/show_bug.cgi?id=910900
We have decided to not retire this functionality as it may be very useful in some scenarios and fix it instead.
Metadata Update from @pviktori: - Issue assigned to pviktori - Issue set to the milestone: FreeIPA 3.2 - 2013/02
Login to comment on this ticket.