FreeIPA installation reports the CA configuration that will be used, including whether the CA is self-signed or externally-signed, e.g.:
... The CA will be configured with: Subject DN: CN=Certificate Authority,o=IPA.LOCAL 201805021017 Subject base: o=IPA.LOCAL 201805021017 Chaining: externally signed (two-step installation) ...
Installation with external CA takes two steps. The first step correctly reports the externally signed configuration (like the above), but the second step reports a self-signed configuration:
The CA will be configured with: Subject DN: CN=Certificate Authority,o=IPA.LOCAL 201805021017 Subject base: o=IPA.LOCAL 201805021017 Chaining: self-signed
The CA is externally signed, but the configuration gets reported incorrectly at the second step. This could confuse the administrator.
PR: https://github.com/freeipa/freeipa/pull/1894
Metadata Update from @ftweedal: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/1894
Metadata Update from @cheimes: - Issue set to the milestone: FreeIPA 4.6.4
master:
Metadata Update from @cheimes: - Issue set to the milestone: FreeIPA 4.7 (was: FreeIPA 4.6.4)
Metadata Update from @cheimes: - Issue close_status updated to: fixed
Login to comment on this ticket.