Add a --copy' option to certprofile-import, or a separate commandcertprofile-copy', to make a copy of an existing profile.
--copy' option to certprofile-import, or a separate command
An `--output' option (#5091) will make it possible for users to accomplish this, with additional steps, so this is somewhat less important.
It's very difficult for users to make any sense of profile configuration files. Users need to copy the certificate profiles from /var/lib/pki/pki-tomcatd/ca/profile/ca
Instead it would be nice if there is a option called --template: ipa certprofile-import --desc="Manual User Dual-Use Certificate Enrollment" --template=user --store=False
ftweedal: Yes, the profile configuration is awful - there are long term plans for a friendlier "profile builder" feature but that will not help current users.
--template concept is feasible, but there is not actually any templating - perhaps --copy <existing-profile-id> argument or even separate command certprofile-copy is clearer?
--template
--copy <existing-profile-id>
certprofile-copy
Niranjan: okay looks good to me.
FreeIPA 4.2.1 was released, moving to 4.2.x.
Metadata Update from @ftweedal: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
Login to comment on this ticket.