Closed rcritten closed 1 year ago
If there are KRAs in the topology and there isn't one on the renewal server then the KRA certificates will not be renewed because they expect another server to do it for them.
Fixes: https://github.com/freeipa/freeipa-healthcheck/issues/125
Any reason to not rely on this info?
No, I totally missed this. Dropped the search as it is much simpler code.
Thanks for the update, LGTM. I tested the same scenario as the pytest:
If there are KRAs in the topology and there isn't one on the renewal server then the KRA certificates will not be renewed because they expect another server to do it for them.
Fixes: https://github.com/freeipa/freeipa-healthcheck/issues/125