Issue #7293: Centralize updating CA certificates in NSS db, files - freeipa

freeipa

#7293 Centralize updating CA certificates in NSS db, files

Opened 6 years ago by rcritten. Modified 6 years ago

There are multiple places in the source where the CA chain is retrieved and installed into a provided NSS database or file. There should be some shared utility in ipapython to handle this rather than spreading it around the code. A quick git grep produces:

$ git grep "for cert, nick"
ipaclient/install/client.py: for cert, nickname, trust_flags in
ca_certs_trust:
ipaclient/install/ipa_certupdate.py: for cert, nickname, tr
usted, eku in certs:
ipalib/install/certstore.py: for cert, nickname, trusted, ext_k
ey_usage in certs:
ipaplatform/redhat/tasks.py: for cert, nickname, trusted, _
ext_key_usage in ca_certs:
ipaserver/install/server/upgrade.py: for cert, nickname, tr
ust_flags in ca_certs:
ipaserver/install/service.py: for cert, nickname, trust
_flags in ca_certs:

Metadata Update from @rcritten:
- Issue priority set to: normal
- Issue set to the milestone: FreeIPA 4.8

6 years ago

Metadata

Assignee

None

Tags

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 4.8

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#7293 Centralize updating CA certificates in NSS db, files Opened 6 years ago by rcritten. Modified 6 years ago

Close issue as:

Metadata

refactoring

#7293 Centralize updating CA certificates in NSS db, files

Opened 6 years ago by rcritten. Modified 6 years ago