module ipa_httpd 2.0;

require {
        type httpd_t;
        type cert_t;
        class file write;
}

# Let Apache access the NSS certificate database so it can issue certs
# See ipa_httpd.fc for the list of files that are granted write access
allow httpd_t cert_t:file write;