[Freeipa-devel] [PATCH] 824 make more sensible nicknames
Rob Crittenden
rcritten at redhat.com
Mon Jul 18 17:15:42 UTC 2011
Jan Cholasta wrote:
> On 11.7.2011 23:48, Rob Crittenden wrote:
>> When loading a chained CA from a PKCS#7 or PEM file we used to use very
>> generic nicknames, sometimes as bad as "Imported CA" in the case of
>> winsync. This will use the subject of the cert to get the nickname
>> instead.
>>
>> I also extended the API of some of the x509 functions to optionally take
>> in the NSS database dir. I had originally used this in the patch but did
>> it another way but still thought the changes useful.
>>
>> ticket https://fedorahosted.org/freeipa/ticket/1141
>>
>> Word of warning, this is going to require a fair bit of testing. The way
>> to test it is to install with an external CA, then install a replica
>> with a CA to be sure that works as well. Testing basic installs would be
>> handy as well.
>>
>> rob
>>
>
> ACK, everything seems to work fine.
>
> Honza
>
pushed to master and ipa-2-0
More information about the Freeipa-devel
mailing list