[Freeipa-devel] [PATCHES] 172-196 Refactor certificate renewal code

Jan Cholasta jcholast at redhat.com
Thu Oct 17 12:21:21 UTC 2013


Hi,

this patchset contains refactoring of the certificate renewal code, 
which will be the base for CA certificate renewal.

The biggest change is a new certmonger CA helper 
dogtag-ipa-ca-renew-agent, which replaces 
dogtag-ipa-retrieve-agent-submit as well as parts of certmonger 
post-commands used in certificate renewal. It provides more flexibility 
when doing renewals and allows unified certmonger configuration on both 
CA master and clones.

How to test: Test both CA-ful and CA-less server and replica installs 
and upgrades, check that certmonger is configured properly and 
certificate renewal works (see 
https://fedorahosted.org/freeipa/ticket/2803#comment:17 for details).

Dependencies: 
freeipa-jcholast-161.3-Fix-certificate-renewal-scripts-to-work-with-separat.patch.

Honza

-- 
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-172-Move-CACERT-definition-to-a-single-place.patch
Type: text/x-patch
Size: 12152 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-173-Do-not-create-CA-certificate-files-in-CA-less-server.patch
Type: text/x-patch
Size: 2029 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-174-Use-LDAP-API-to-upload-CA-certificate-instead-of-lda.patch
Type: text/x-patch
Size: 2812 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-175-Upload-CA-certificate-from-DS-NSS-database-in-CA-les.patch
Type: text/x-patch
Size: 3106 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-176-Remove-unused-method-export_ca_cert-of-dsinstance.patch
Type: text/x-patch
Size: 979 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-177-Show-progress-when-enabling-SSL-in-DS-in-ipa-server-.patch
Type: text/x-patch
Size: 3253 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0005.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-178-Add-Dogtag-service-name-to-Dogtag-constants.patch
Type: text/x-patch
Size: 7410 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0006.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-179-Do-not-start-the-service-in-stopped_service-if-it-wa.patch
Type: text/x-patch
Size: 1115 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0007.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-180-Use-certmonger-D-Bus-API-to-configure-certmonger-in-.patch
Type: text/x-patch
Size: 5235 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0008.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-181-Add-new-certmonger-CA-helper-dogtag-ipa-ca-renew-age.patch
Type: text/x-patch
Size: 4388 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0009.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-182-Update-pkcs10-module-functions-to-always-load-CSRs-a.patch
Type: text/x-patch
Size: 5459 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0010.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-183-Remove-unused-function-get_subjectaltname-from-the-c.patch
Type: text/x-patch
Size: 1300 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0011.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-184-Add-function-for-parsing-friendly-name-from-certific.patch
Type: text/x-patch
Size: 2835 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0012.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-185-Support-retrieving-renewed-certificates-from-LDAP-in.patch
Type: text/x-patch
Size: 3740 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0013.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-186-Use-dogtag-ipa-ca-renew-agent-to-retrieve-renewed-ce.patch
Type: text/x-patch
Size: 4871 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0014.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-187-Remove-dogtag-ipa-retrieve-agent-submit.patch
Type: text/x-patch
Size: 4780 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0015.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-188-Support-storing-renewed-certificates-to-LDAP-in-dogt.patch
Type: text/x-patch
Size: 5246 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0016.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-189-Use-dogtag-ipa-ca-renew-agent-to-track-certificates-.patch
Type: text/x-patch
Size: 12333 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0017.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-190-Move-is_master-from-cainstance.CAInstance-to-cainsta.patch
Type: text/x-patch
Size: 2959 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0018.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-191-Make-the-default-dogtag-ipa-ca-renew-agent-behavior-.patch
Type: text/x-patch
Size: 3043 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0019.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-192-Merge-restart_pkicad-functionality-to-renew_ca_cert-.patch
Type: text/x-patch
Size: 7274 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0020.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-193-Merge-restart_httpd-functionality-to-renew_ra_cert.patch
Type: text/x-patch
Size: 2132 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0021.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-194-Use-the-same-certmonger-configuration-for-both-CA-ma.patch
Type: text/x-patch
Size: 8746 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0022.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-195-Update-certmonger-configuration-in-ipa-upgradeconfig.patch
Type: text/x-patch
Size: 7235 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0023.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-196-Support-exporting-CSRs-in-dogtag-ipa-ca-renew-agent.patch
Type: text/x-patch
Size: 1755 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20131017/3f2ebf26/attachment-0024.bin>

