Kees Bakker,
If it is, I'm certainly not seeing it done on Ubuntu 16.04 or Ubuntu 18.04 and based on Rob's comment it might not be done if I'm understanding him correctly.
-Kevin
On Thu, Oct 10, 2019 at 8:19 AM Kees Bakker via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
On 10-10-19 14:35, Rob Crittenden via FreeIPA-users wrote
Kevin Vasko via FreeIPA-users wrote:
How would I validate that certs are getting added properly on a CentOS machine system wide store?
I’m going to test it today to find out if this is a problem unique to Ubuntu/CentOS.
On Fedora the chain is put into /etc/pki/ca-trust/source/anchors/ipa-ca.crt and update-ca-trust is executed.
There is no Debian/Ubuntu equivalent in the upstream source (it's possible it is done in packaging). You could try something like:
cp /etc/ipa/ca.crt /usr/local/share/ca-certificates/ipa-ca.crt update-ca-certificates
This is already done by ipa-client-install _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...