#6703 Enable ephemeral KRA requests
Closed: fixed 6 years ago Opened 7 years ago by cheimes.

FreeIPA should enable ephemeral KRA requests to reduce the amount of LDAP write operations. To enable ephemeral requests, add {{{kra.ephemeralRequests=true}}} to CS.cfg and restart KRA. See https://fedorahosted.org/pki/ticket/2532 for details.

The feature will be available in Dogtag 10.4.


Metadata Update from @cheimes:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.6

7 years ago

Metadata Update from @cheimes:
- Custom field affects_doc reset
- Custom field component reset
- Custom field type reset
- Issue close_status updated to: None
- Issue set to the milestone: None (was: FreeIPA 4.6)
- Issue tagged with: integration

7 years ago

Metadata Update from @pvoborni:
- Custom field affects_doc reset
- Custom field tester adjusted to wanted
- Issue set to the milestone: FreeIPA 4.6

7 years ago

Metadata Update from @tkrizek:
- Issue set to the milestone: FreeIPA 4.6.1 (was: FreeIPA 4.6)

6 years ago

Metadata Update from @tkrizek:
- Issue set to the milestone: FreeIPA 4.6.2 (was: FreeIPA 4.6.1)

6 years ago

Metadata Update from @rcritten:
- Issue assigned to rcritten (was: someone)

6 years ago

It is currently not possible to enable this setting during installation because there is no pkispawn option for it. I opened RFE https://pagure.io/dogtagpki/issue/2820 to add this.

I think we can live with a restart. Using the pkispawn option can be a future enhancement.

Metadata Update from @tdudlak:
- Issue set to the milestone: FreeIPA 4.6.3 (was: FreeIPA 4.6.2)

6 years ago

master:

  • 10a847b Make the path to CS.cfg a class variable
  • a7ae2db Enable ephemeral KRA requests

ipa-4-6:

  • d7b1531 Make the path to CS.cfg a class variable
  • 29c37e3 Enable ephemeral KRA requests

Metadata Update from @cheimes:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

Login to comment on this ticket.

Metadata