[Freeipa-devel] [PATCH] 924 display both hex and decimal serial numbers
Jan Cholasta
jcholast at redhat.com
Mon Jan 16 17:54:23 UTC 2012
Dne 16.1.2012 18:37, Dmitri Pal napsal(a):
> On 01/16/2012 12:09 PM, Jan Cholasta wrote:
>> Dne 13.1.2012 20:53, Rob Crittenden napsal(a):
>>> When viewing a certificate it will show the serial number as hex (dec).
>>>
>>> # ipa service-show HTTP/rawhide.example.com
>>> Principal: HTTP/rawhide.example.com at EXAMPLE.COM
>>> Certificate: [snip]
>>> Keytab: True
>>> Managed by: rawhide.example.com
>>> Subject: CN=rawhide.example.com,O=EXAMPLE.COM
>>> Serial Number: 0x403 (1027)
>>> Issuer: CN=EXAMPLE.COM Certificate Authority
>>> Not Before: Fri Jan 13 15:00:44 2012 UTC
>>> Not After: Thu Jan 13 15:00:44 2022 UTC
>>> Fingerprint (MD5): e5:43:17:0d:8d:af:d6:69:d8:fb:eb:ca:79:fb:47:69
>>> Fingerprint (SHA1):
>>> c2:9e:8e:de:42:c9:4a:29:cc:b0:a0:de:57:c7:b7:d8:f9:b5:fe:e6
>>>
>>> rob
>>>
>>
>> NACK
>>
>> Displaying a host or a service in the webUI fails with "IPA error
>> 3009: invalid 'serial_number': Decimal or hexadecimal number is
>> required for serial number".
>>
>> I would suggest to do the nifty formatting of serial numbers on the
>> client side, that would fix the webUI issue, allow non-IPA clients to
>> parse the number without dissecting the string representation of it
>> and probably also save me a hack in the type conversion overhaul. You
>> could for example add a parameter flag like "format_serial_number" to
>> indicate to the client that it should format the value as a serial
>> number.
>>
>> Honza
>>
>
> Somewhat related question about cert serial numbers...
> Can the serial numbers be arbitrarily strings in future or serial number
> is always a number by spec? Is it a GUID?
>
AFAIK it must be an integer.
--
Jan Cholasta
More information about the Freeipa-devel
mailing list