URL: https://github.com/freeipa/freeipa/pull/5199 Author: rcritten Title: #5199: Change KRA profiles in certmonger tracking so they can renew Action: opened PR body: """ Change KRA profiles in certmonger tracking so they can renew Internal profiles were assigned which prevented rewewals. dogtag is providing a new profile for the audit signing cert, caAuditSigningCert. There are existing profiles for the transport (caTransportCert) and storage (caStorageCert) certificates. https://pagure.io/freeipa/issue/8545 Signed-off-by: Rob Crittenden <rcritten(a)redhat.com&gt; **NOTE**: This is WIP because the necessary profile is only in the pki nightly repo. We want this backported to other supported IPA branches but they may be delayed depending on when pki builds are available. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5199/head:pr5199 git checkout pr5199