403b09
From 57f643fa5ba0382bbe8a35bd3cc6fe7bec721064 Mon Sep 17 00:00:00 2001
403b09
From: Stanislav Laznicka <slaznick@redhat.com>
403b09
Date: Fri, 15 Jul 2016 14:04:59 +0200
403b09
Subject: [PATCH] Improvements for the ipa-cacert-manage man and help
403b09
403b09
The man page for ipa-cacert-manage didn't mention that some
403b09
options are only applicable to the install some to the renew
403b09
subcommand.
403b09
403b09
Also fixed a few missing articles.
403b09
403b09
https://fedorahosted.org/freeipa/ticket/6013
403b09
403b09
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
403b09
---
403b09
 install/tools/man/ipa-cacert-manage.1  | 38 ++++++++++++++++++++++------------
403b09
 ipaserver/install/ipa_cacert_manage.py |  2 +-
403b09
 2 files changed, 26 insertions(+), 14 deletions(-)
403b09
403b09
diff --git a/install/tools/man/ipa-cacert-manage.1 b/install/tools/man/ipa-cacert-manage.1
403b09
index 1f37788336048e412eee71757f236c9944860514..f0a1033ab372c2f923a883b385c0e3304b98f56f 100644
403b09
--- a/install/tools/man/ipa-cacert-manage.1
403b09
+++ b/install/tools/man/ipa-cacert-manage.1
403b09
@@ -20,7 +20,9 @@
403b09
 .SH "NAME"
403b09
 ipa\-cacert\-manage \- Manage CA certificates in IPA
403b09
 .SH "SYNOPSIS"
403b09
-\fBipa\-cacert\-manage\fR [\fIOPTIONS\fR...] \fICOMMAND\fR
403b09
+\fBipa\-cacert\-manage\fR [\fIOPTIONS\fR...] renew
403b09
+.RE
403b09
+\fBipa\-cacert\-manage\fR [\fIOPTIONS\fR...] install \fICERTFILE\fR
403b09
 .SH "DESCRIPTION"
403b09
 \fBipa\-cacert\-manage\fR can be used to manage CA certificates in IPA.
403b09
 .SH "COMMANDS"
403b09
@@ -29,7 +31,7 @@ ipa\-cacert\-manage \- Manage CA certificates in IPA
403b09
 \- Renew the IPA CA certificate
403b09
 .sp
403b09
 .RS
403b09
-This command can be used to manually renew CA certificate of the IPA CA.
403b09
+This command can be used to manually renew the CA certificate of the IPA CA.
403b09
 .sp
403b09
 When the IPA CA is the root CA (the default), it is not usually necessary to manually renew the CA certificate, as it will be renewed automatically when it is about to expire, but you can do so if you wish.
403b09
 .sp
403b09
@@ -42,13 +44,30 @@ When the IPA CA is not configured, this command is not available.
403b09
 \- Install a CA certificate
403b09
 .sp
403b09
 .RS
403b09
-This command can be used to install new CA certificate to IPA.
403b09
+This command can be used to install the certificate contained in \fICERTFILE\fR as a new CA certificate to IPA.
403b09
 .RE
403b09
-.SH "OPTIONS"
403b09
+.SH "COMMON OPTIONS"
403b09
+.TP
403b09
+\fB\-\-version\fR
403b09
+Show the program's version and exit.
403b09
+.TP
403b09
+\fB\-h\fR, \fB\-\-help\fR
403b09
+Show the help for this program.
403b09
 .TP
403b09
 \fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
403b09
 The Directory Manager password to use for authentication.
403b09
 .TP
403b09
+\fB\-v\fR, \fB\-\-verbose\fR
403b09
+Print debugging information.
403b09
+.TP
403b09
+\fB\-q\fR, \fB\-\-quiet\fR
403b09
+Output only errors.
403b09
+.TP
403b09
+\fB\-\-log\-file\fR=\fIFILE\fR
403b09
+Log to the given file.
403b09
+.RE
403b09
+.SH "RENEW OPTIONS"
403b09
+.TP
403b09
 \fB\-\-self\-signed\fR
403b09
 Sign the renewed certificate by itself.
403b09
 .TP
403b09
@@ -57,6 +76,8 @@ Sign the renewed certificate by external CA.
403b09
 .TP
403b09
 \fB\-\-external\-cert\-file\fR=\fIFILE\fR
403b09
 File containing the IPA CA certificate and the external CA certificate chain. The file is accepted in PEM and DER certificate and PKCS#7 certificate chain formats. This option may be used multiple times.
403b09
+.RE
403b09
+.SH "INSTALL OPTIONS"
403b09
 .TP
403b09
 \fB\-n\fR \fINICKNAME\fR, \fB\-\-nickname\fR=\fINICKNAME\fR
403b09
 Nickname for the certificate.
403b09
@@ -73,15 +94,6 @@ T \- CA trusted to issue client certificates
403b09
 .IP
403b09
 p \- not trusted
403b09
 .RE
403b09
-.TP
403b09
-\fB\-v\fR, \fB\-\-verbose\fR
403b09
-Print debugging information.
403b09
-.TP
403b09
-\fB\-q\fR, \fB\-\-quiet\fR
403b09
-Output only errors.
403b09
-.TP
403b09
-\fB\-\-log\-file\fR=\fIFILE\fR
403b09
-Log to the given file.
403b09
 .SH "EXIT STATUS"
403b09
 0 if the command was successful
403b09
 
403b09
diff --git a/ipaserver/install/ipa_cacert_manage.py b/ipaserver/install/ipa_cacert_manage.py
403b09
index de13ad39397ae5e9b924b0621521e5fc6016c8e6..32ef25c7aac3e57d27955b6a2608adb6a1626019 100644
403b09
--- a/ipaserver/install/ipa_cacert_manage.py
403b09
+++ b/ipaserver/install/ipa_cacert_manage.py
403b09
@@ -35,7 +35,7 @@ from ipaserver.install import certs, cainstance, installutils
403b09
 class CACertManage(admintool.AdminTool):
403b09
     command_name = 'ipa-cacert-manage'
403b09
 
403b09
-    usage = "%prog {renew|install} [options]"
403b09
+    usage = "%prog renew [options]\n%prog install [options] CERTFILE"
403b09
 
403b09
     description = "Manage CA certificates."
403b09
 
403b09
-- 
403b09
2.7.4
403b09