When renewed IPA CA certificate is not available in LDAP, ipa-certupdate will wait indefinitely for it to appear, which is not correct. Instead, it should take whatever IPA CA certificate is available at the moment and use that.
Stretch 4.1.
Patch was not reviewed in 4.1 scope, moving to 4.1.1 release.
master:
ipa-4-1:
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=886645 (Red Hat Enterprise Linux 7)
Metadata Update from @jcholast: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 4.1.1
Login to comment on this ticket.