[Freeipa-devel] [PATCH] 351 Support MS CA as the external CA in ipa-server-install and ipa-ca-install
Martin Kosek
mkosek at redhat.com
Wed Oct 8 10:49:17 UTC 2014
On 10/08/2014 11:53 AM, Jan Cholasta wrote:
> Hi,
>
> the attached patch fixes <https://fedorahosted.org/freeipa/ticket/4496>.
>
> Note that this requires pki-core 10.2.0-3.
>
> Honza
The approach looks OK, but I would like to be better in naming documentation:
+ cert_group.add_option("--external-ca-type", dest="external_ca_type",
+ type="choice", choices=("generic", "ms"),
+ help="Type of the external CA")
I would name the option either "ad-cs" or "windows-server-ca", i.e. "Active
Directory Certificate Services" or "Windows Server CA". "ms" sounds too generic
to me in this context. When using trademarks we should be specific about what
do we mean.
Same for man:
+\fB\-\-external\-ca\-type\fR=\fITYPE\fR
+Type of the external CA. Possible values are generic, ms. Default value is
generic. Use ms to include MS template name extension in the CSR.
+.TP
I would be more verbose and write
... Use "windows-server-ca" to include Windows Server CA specific template name
extension (1.3.6.1.4.1.311.20.2) set in the CSR.
More information about the Freeipa-devel
mailing list