[Freeipa-devel] [PATCHES] 0197-0205 Installing without a CA, with custom SSL certs
Jan Cholasta
jcholast at redhat.com
Thu Mar 28 17:16:30 UTC 2013
On 28.3.2013 12:20, Petr Viktorin wrote:
> On 03/26/2013 04:48 PM, Petr Viktorin wrote:
>> [...]
>
> This update adds a check for validity of the server cert's hostname,
> using python-nss.
>
This is what I have found just by looking at the patches:
Patch 197:
"We names of files with pkcs12 pins to installers ..."
This sentence does not seem right to me.
Patch 198:
+ if setup_ca:
+ print "Be sure to back up the CA certificate stored in
/etc/httpd/alias/cacert.p12"
+ print "The password for this file is in
/etc/httpd/alias/pwdfile.txt"
This is not the right message. This is the message for --selfsign.
Patch 204:
+ http_cert_name =check_pkcs12(http_pkcs12_info, ca_file, host_name)
Missing space after equal sign.
More to come tomorrow, when I'm finished with testing.
Honza
--
Jan Cholasta
More information about the Freeipa-devel
mailing list