[Freeipa-devel] [PATCH] 342 control the certificate subject in dogtag
Jason Gerard DeRose
jderose at redhat.com
Fri Jan 8 20:51:06 UTC 2010
On Fri, 2009-12-18 at 11:05 -0500, Rob Crittenden wrote:
> Use the caIPAserviceCert profile for issuing service certs.
>
> This profile enables subject validation and ensures that the subject
> that the CA issues is uniform. The client can only request a specific
> CN, the rest of the subject is fixed.
>
> This is the first step of allowing the subject to be set at installation
> time.
>
> Also fix 2 more issues related to the return results migration.
>
> Note that with the selfsign plugin it will still issue the subject that
> was in the CSR.
>
> rob
ack. pushed to master.
More information about the Freeipa-devel
mailing list