#3869 [RFE] Clean up ipa-server-certinstall CLI options
Closed: Fixed None Opened 7 years ago by pviktori.

The CLI options for ipa-server-certinstall are not ideal. We should:

  • Add a --pin option that replaces --dirsrv_pin (used with -d) and --http_pin (used with -w; -d and -w are mutually exclusive). The old options will remain as deprecated aliases.

  • Add a -p, --dirman-password option to specify the directory manager password (necessary for replacing the DS cert).

  • Mention in the usage string that

    • a PKCS#``12 cert argument is required
    • either -d or -w is required

ipa-server-certinstall is now being rewritten for #3641, the change can be included in that devel effort.

First bit done.

master: 02be7ac Add --pin option to ipa-server-certinstall.

ipa-3-3: 02214c4 Add --pin option to ipa-server-certinstall.

I'll keep an eye on this one.

Correcting the release notes

Metadata Update from @pviktori:
- Issue assigned to jcholast
- Issue set to the milestone: FreeIPA 3.3.x - 2013/08 (bug fixing)

4 years ago

Login to comment on this ticket.