[Freeipa-devel] [PATCH] 824 make more sensible nicknames
Rob Crittenden
rcritten at redhat.com
Mon Jul 11 21:48:36 UTC 2011
When loading a chained CA from a PKCS#7 or PEM file we used to use very
generic nicknames, sometimes as bad as "Imported CA" in the case of
winsync. This will use the subject of the cert to get the nickname instead.
I also extended the API of some of the x509 functions to optionally take
in the NSS database dir. I had originally used this in the patch but did
it another way but still thought the changes useful.
ticket https://fedorahosted.org/freeipa/ticket/1141
Word of warning, this is going to require a fair bit of testing. The way
to test it is to install with an external CA, then install a replica
with a CA to be sure that works as well. Testing basic installs would be
handy as well.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-824-nicknames.patch
Type: text/x-diff
Size: 7350 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110711/93dac945/attachment.bin>
More information about the Freeipa-devel
mailing list