freeipa

Clone
Source Code
GIT

#8524 Deploy & manage the ACME service topology wide from a single system
Closed: fixed 2 years ago by rcritten. Opened 2 years ago by rcritten.

Closed: fixed
Reopen Issue

As administrator, I want to be able to deploy and manage the ACME service topology wide from a single system, so the way how management is done is the consistent with the rest of IPA environment.

ACME is not enabled by default so the ipa-acme-manage command will remain but it only needs to be executed once to turn on/off ACME on all CA masters.

This relies on changes in dogtag in https://github.com/dogtagpki/pki/pull/562

Metadata Update from @rcritten:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1851835
2 years ago

master:

  • 2ef5319 Enable importing LDIF files not shipped by IPA
  • e13d058 Let dogtag.py be imported if the api is not initialized
  • c0d55ce Centralize enable/disable of the ACME service
  • 92c3ea4 Don't install ACME if full support is not available
  • 69ae48c Add a status option to ipa-acme-manage
  • e7fd791 ipatests: Check if ACME is enabled on all CA servers
  • d4ef64b ipatests: Collect the let's encrypt log

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
2 years ago

master:

  • b691850 Change KRA profiles in certmonger tracking so they can renew
  • 0037b69 Test that the KRA profiles can renewal its three certificates
  • 6816de0 Require PKI 10.10+ for KRA profile and ACME support

ipa-4-8:

  • 69adf81 Change KRA profiles in certmonger tracking so they can renew
  • c3c577a Test that the KRA profiles can renewal its three certificates
  • c165901 Require PKI 10.10+ for KRA profile and ACME support

ipa-4-9:

  • a9e1c01 Change KRA profiles in certmonger tracking so they can renew
  • bd4771d Test that the KRA profiles can renewal its three certificates
  • 3e530e9 Require PKI 10.10+ for KRA profile and ACME support

Login to comment on this ticket.

Metadata
None
None
None
important
None
None
None
None
None
None
None
None
None
None
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1851835
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.