Kees Bakker,
If it is, I'm certainly not seeing it done on Ubuntu 16.04 or Ubuntu
18.04 and based on Rob's comment it might not be done if I'm
understanding him correctly.
-Kevin
On Thu, Oct 10, 2019 at 8:19 AM Kees Bakker via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
>
> On 10-10-19 14:35, Rob Crittenden via FreeIPA-users wrote
> >
> > Kevin Vasko via FreeIPA-users wrote:
> >> How would I validate that certs are getting added properly on a CentOS
machine system wide store?
> >>
> >> I’m going to test it today to find out if this is a problem unique to
Ubuntu/CentOS.
> > On Fedora the chain is put into
> > /etc/pki/ca-trust/source/anchors/ipa-ca.crt and update-ca-trust is executed.
> >
> > There is no Debian/Ubuntu equivalent in the upstream source (it's
> > possible it is done in packaging). You could try something like:
> >
> > cp /etc/ipa/ca.crt /usr/local/share/ca-certificates/ipa-ca.crt
> > update-ca-certificates
> This is already done by ipa-client-install
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...