Issue #8502: Don't create DirSRV SSCA - freeipa

freeipa

#8502 Don't create DirSRV SSCA

Closed: fixed 3 years ago by rcritten. Opened 3 years ago by cheimes.

Issue

By default lib389 installer creates a Self-Signed CA and later a temporary server certificate to bootstrap initial installation. FreeIPA does not need the CA as it uses Unix domain sockets and local connections for initial setup.

Steps to Reproduce

run ipa-server-install

Actual behavior

/etc/dirsrv/ssca exists

Expected behavior

/etc/dirsrv/ssca should not exist

Version/Release/Distribution

freeipa-server-4.8.7-1.fc32.x86_64
389-ds-base-1.4.3.10-1.fc32.x86_64

Additional info:

slapd_options.set('self_sign_cert', False) disables creation of SSCA and self-signed cert.

Metadata Update from @cheimes:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/5111
- Issue set to the milestone: FreeIPA 4.8

3 years ago

rcritten commented 3 years ago

master:

3c86baf Don't create DS SSCA and self-signed cert

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

3 years ago

Metadata

Assignee

cheimes

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

FreeIPA 4.8

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

https://github.com/freeipa/freeipa/pull/5111

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#8502 Don't create DirSRV SSCA Closed: fixed 3 years ago by rcritten. Opened 3 years ago by cheimes.

Issue

Steps to Reproduce

Actual behavior

Expected behavior

Version/Release/Distribution

Additional info:

Metadata

#8502 Don't create DirSRV SSCA

Closed: fixed 3 years ago by rcritten. Opened 3 years ago by cheimes.