CA-less inteegration test suite reports many errors related to installation
> assert stderr_text in result.stderr_text, result.stderr_text E AssertionError: Usage: ipa-server-install [options] E E ipa-server-install: error: --dirsrv-cert-file, --http-cert-file, and --pkinit-cert-file or --no-pkinit are required if any key file options are used. E ipa.ipapython.install.cli.install_tool(CompatServerMasterInstall): ERROR The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
Please inspect if tests should be updtaed or there is error in checking options
The cause of this failure is that new required options for CA-less were added. These are either --pkinit-cert-file along with --pkinit-pin or the --no-pkinit option. I believe both scenarios should be tested. Please note that generating the certificate for pkinit is not so simple as it is for the DS and HTTPD certificates since some more certificate extensions are required, along with adding SANs. I do not know which exactly, @simo, @abbra, @jcholast or @mbabinsk will know.
--pkinit-cert-file
--pkinit-pin
--no-pkinit
Metadata Update from @stlaz: - Issue tagged with: tests
Metadata Update from @mreznik: - Issue assigned to mreznik
Metadata Update from @pvoborni: - Custom field rhbz adjusted to 0 - Issue priority set to: major - Issue set to the milestone: FreeIPA 4.5.1
master:
ipa-4-5:
Metadata Update from @mbasti: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.