[Freeipa-devel] [PATCH] 210 Allow SAN in IPA certificate profile
Simo Sorce
simo at redhat.com
Tue Jan 21 16:12:28 UTC 2014
On Tue, 2014-01-21 at 14:02 +0100, Jan Cholasta wrote:
> + request = None
> + try:
> + request = pkcs10.load_certificate_request(csr)
> + subject = pkcs10.get_subject(request)
> + subjectaltname = pkcs10.get_subjectaltname(request)
Will this make the request fail if there is no subjectaltname ?
Later in the patch you seem to be changing from needing managedby_host
to needing write access to an entry, I am not sure I understand why that
was changed. not saying it is necessarily wrong, but why the original
check is not right anymore ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list