[Freeipa-devel] [PATCH] 998 certmonger restarts services on renewal
Rob Crittenden
rcritten at redhat.com
Tue Mar 27 21:40:41 UTC 2012
Certmonger will currently automatically renew server certificates but
doesn't restart the services so you can still end up with expired
certificates if you services never restart.
This patch registers are restart command with certmonger so the IPA
services will automatically be restarted to get the updated cert.
Easy to test. Install IPA then resubmit the current server certs and
watch the services restart:
# ipa-getcert list
Find the ID for either your dirsrv or httpd instance
# ipa-getcert resubmit -i <ID>
Watch /var/log/httpd/error_log or /var/log/dirsrv/slapd-INSTANCE/errors
to see the service restart.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-998-certmonger.patch
Type: text/x-patch
Size: 11142 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120327/0abbf84b/attachment.bin>
More information about the Freeipa-devel
mailing list