The CLI options for ipa-server-certinstall are not ideal. We should:
Add a --pin option that replaces --dirsrv_pin (used with -d) and --http_pin (used with -w; -d and -w are mutually exclusive). The old options will remain as deprecated aliases.
--pin
--dirsrv_pin
-d
--http_pin
-w
Add a -p, --dirman-password option to specify the directory manager password (necessary for replacing the DS cert).
-p, --dirman-password
Mention in the usage string that
ipa-server-certinstall is now being rewritten for #3641, the change can be included in that devel effort.
First bit done.
master: 02be7ac Add --pin option to ipa-server-certinstall.
ipa-3-3: 02214c4 Add --pin option to ipa-server-certinstall.
I'll keep an eye on this one.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1001665
master: 3c92616[[BR]] ipa-3-3: 220f6f6
Correcting the release notes
Metadata Update from @pviktori: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 3.3.x - 2013/08 (bug fixing)
Login to comment on this ticket.