Issue #4460: ipa-certupdate: report better error when client is not configured - freeipa

freeipa

#4460 ipa-certupdate: report better error when client is not configured

Closed: Fixed None Opened 9 years ago by mkosek.

When the new command ipa-certupdate is run and FreeIPA client is not configured on the system, it reports following error:

# ipa-certupdate 
Error initializing principal host/ipa.mkosek-fedora20.test@EXAMPLE.COM in /etc/krb5.keytab: (-1765328203, 'Key table entry not found')

It would be more user friendly to print "ipa not configured" like other tools:

# ipa-client-automount 
IPA client is not configured on this system.
# ipa user-show admin
ipa: ERROR: Client is not configured. Run ipa-client-install.
# ipa-backup 
IPA is not configured on this system.

mkosek commented 9 years ago

master:

231f57c Introduce NSS database /etc/ipa/nssdb
86c534d Move NSSDatabase from ipaserver.certs to ipapython.certdb
b764e9d Add NSSDatabase.has_nickname for checking nickname presence in a NSS DB
bbf9622 Use NSSDatabase instead of direct certutil calls in client code
f40a0ad Use /etc/ipa/nssdb to get nicknames of IPA certs installed in /etc/pki/nssdb
9ab402c Check if IPA client is configured in ipa-certupdate
4e68046 Get server hostname from jsonrpc_uri in ipa-certupdate
734afdf Remove ipa-ca.crt from systemwide CA store on client uninstall and cert update
05e6626 Fix certmonger.wait_for_request
da24d8a Fix certmonger search for the CA cert in ipa-certupdate and ipa-cacert-manage

ipa-4-1:

ed2bfff Introduce NSS database /etc/ipa/nssdb
017d61d Move NSSDatabase from ipaserver.certs to ipapython.certdb
e7b7492 Add NSSDatabase.has_nickname for checking nickname presence in a NSS DB
9c07228 Use NSSDatabase instead of direct certutil calls in client code
483ebf9 Use /etc/ipa/nssdb to get nicknames of IPA certs installed in /etc/pki/nssdb
511dc3a Check if IPA client is configured in ipa-certupdate
6ab1f6c Get server hostname from jsonrpc_uri in ipa-certupdate
9666212 Remove ipa-ca.crt from systemwide CA store on client uninstall and cert update
7da4873 Fix certmonger.wait_for_request
d04fa16 Fix certmonger search for the CA cert in ipa-certupdate and ipa-cacert-manage

Metadata Update from @mkosek:
- Issue assigned to jcholast
- Issue set to the milestone: FreeIPA 4.1

7 years ago

Metadata

Assignee

jcholast

Tags

None

Blocking

None

Depending on

None

Priority

low

Milestone

FreeIPA 4.1

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

Certificate management

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#4460 ipa-certupdate: report better error when client is not configured Closed: Fixed None Opened 9 years ago by mkosek.

Metadata

#4460 ipa-certupdate: report better error when client is not configured

Closed: Fixed None Opened 9 years ago by mkosek.