pkidestroy ignoring UNTRUSTED_ISSUER warning

[pki-bot]

This issue was migrated from Pagure Issue #595. Originally filed by edewata (@edewata) on 2013-04-26 19:41:05:

• Closed as Invalid
• Assigned to mharmsen (@mharmsen)

---

To uninstall KRA, pkidestroy needs to remove the connector from CA by calling:

pki --ignore-cert-status UNTRUSTED_ISSUER kraconnector-del

The UNTRUSTED_ISSUER must be ignored because otherwise the CLI will prompt the pkidestroy to trust the CA certificate, which will cause it to hang.

A possible solution is to import the CA certificate during KRA installation using this command:

pki client-import-cert --ca-server

Another possible solution is to prompt the user during pkidestroy whether to trust the CA certificate.

[pki-bot]

Comment from edewata (@edewata) at 2013-04-27 22:05:54

pkidestroy also calls:

  pki --ignore-cert-status UNTRUSTED_ISSUER securitydomain-get-install-token

[pki-bot]

Comment from vakwetu (@vakwetu) at 2013-04-30 15:44:49

This is no longer valid as the code has been changed.

[pki-bot]

Comment from edewata (@edewata) at 2017-02-27 14:04:56

Metadata Update from @edewata:

• Issue assigned to mharmsen
• Issue set to the milestone: N/A