[Freeipa-devel] Update of User Certificates design page
Jan Pazdziora
jpazdziora at redhat.com
Tue Aug 4 16:47:45 UTC 2015
On Tue, Aug 04, 2015 at 05:39:01PM +0200, Martin Babinsky wrote:
>
> I am working on the update of
> http://www.freeipa.org/page/V4/User_Certificates design page.
>
> For now I have edited the "Feature Management" and "Howto Test" sections.
>
> Since this is my first time writing/editing designs, there surely is a room
> for improvement. Feel free to send me corrections or edit the parts you
> don't like outright.
The caIPAuserCert.txt file (content) is missing.
Not sure if we want to recommend
sed '1d;$d' cert.pem
-- maybe command to convert to DER and then base64-encode would
be more generic?
That
add ldap_user_certificate = userCertificate;binary to the domain section of sssd.conf
step -- will it stay or is sssd going to be updated to use that value
automagically? In that case, link to the ticket we are waiting for
(https://fedorahosted.org/sssd/ticket/2742 ?) should be added so
that it's clear that this step should be removed when the ticket
is addressed.
Otherwise, great effort with the How to Test section.
--
Jan Pazdziora
Senior Principal Software Engineer, Identity Management Engineering, Red Hat
More information about the Freeipa-devel
mailing list