Issue #8410: ACME service: deployment-wide configuration - freeipa

freeipa

#8410 ACME service: deployment-wide configuration

Closed: duplicate 3 years ago by frenaud. Opened 3 years ago by ftweedal.

Request for enhancement

As an administrator, I want to be able to enable/disable and configure the ACME service on a deployment wide basis, so that configuration is consistent across the topology at all times.

Actual behavior

Currently ipa-acme-manage must be run separately on each CA replica to configure the ACME service.

Expected behavior

Run an IPA command e.g. ipa acme-config-mod --enabled=1. That modifies an entry in LDAP, and the changes get replicated. The ACME service on each CA replica observes the change and reconfigures itself accordingly.

Additional info:

Relevant section of design document: https://www.freeipa.org/page/V4/ACME#Replicated_configuration

frenaud commented 3 years ago

Closing as duplicate of #8524 Deploy & manage the ACME service topology wide from a single system

Metadata Update from @frenaud:
- Issue close_status updated to: duplicate
- Issue status updated to: Closed (was: Open)

3 years ago

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#8410 ACME service: deployment-wide configuration Closed: duplicate 3 years ago by frenaud. Opened 3 years ago by ftweedal.

Request for enhancement

Actual behavior

Expected behavior

Additional info:

Metadata

#8410 ACME service: deployment-wide configuration

Closed: duplicate 3 years ago by frenaud. Opened 3 years ago by ftweedal.