https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=237356 Resolves: bug 237356Bug Description: Move DS Admin Code into Admin Server - support cacert for configds, fix permissions.
Reviewed by: ??? Files: see diff Branch: HEADFix Description: If the Config DS is set up to use TLS/SSL, we should allow the admin to setup a new admin server to use TLS/SSL with the Config DS. The user may supply either a cacert file in ascii/pem format, or just set the CACertificate param in the .inf file to the actual ascii value. This latter option allows you to have a single .inf file that you can carry around to all of your servers that you want to set up, instead of having to have an additional file for the cacert. However, it only works for the initial setup. It should probably detect if the cacert already exists and just use it if so. File permissions need to be set correctly. The code that deals with file and directory creation should ensure that permissions are set properly. This mostly applies to the configdir, so that the config files needed to be read and written by the admin server have the correct permissions and ownership. Also fixed a minor bug about changing the admin server port, and with detecting if there is an existing config ds to use or not.
Platforms tested: RHEL4 Flag Day: no Doc impact: no https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=157471&action=diff
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-devel mailing list Fedora-directory-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
