URL: https://github.com/freeipa/freeipa/pull/584 Title: #584: Improve the implementation of PKINIT certificate retrieval
MartinBasti commented: """ master: * 95768de06fbef78169329af12b29e4d65e4bf157 Make PKINIT certificate request logic consistent with other installers * b5b23e073e59930e4dcf14ea8031c2c0441e6344 Request PKINIT cert directly from Dogtag API on first master * bd18b5f91e3f98fa877def245c54c1cd33bd372e Move PKINIT configuration to a later stage of server/replica install * 069948466e81d99a0dd48ffffa32af50351d0189 Make wait_for_entry raise exceptions * 8f4abf7bc1607fc44f528b8a443b69cb82269e69 check that the master requesting PKINIT cert has KDC enabled * b45629fc480e61464b402ac2fc52c6f9fc61df0e check for replica's KDC entry on master before requesting PKINIT cert * a1686a90c0cc8c16c89ef1bada7f507729bf3252 Try out anonymous PKINIT after it is configured """ See the full comment at https://github.com/freeipa/freeipa/pull/584#issuecomment-286782263
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
