[Freeipa-devel] [PATCH 0046] Don't fail in find/show methods if userCertificate is invalid
Rob Crittenden
rcritten at redhat.com
Thu Jun 9 13:14:52 UTC 2016
Stanislav Laznicka wrote:
> On 06/09/2016 02:51 PM, Rob Crittenden wrote:
>> Stanislav Laznicka wrote:
>>> Hello,
>>>
>>> Please see the attached patch of
>>> https://fedorahosted.org/freeipa/ticket/5797.
>>>
>>> Standa
>>>
>>>
>>>
>>
>> Just wondering out loud but should usercertificate be excluded from
>> the output if it is unparsable? Is there any value in showing that a
>> bogus value is in there?
>>
>> rob
> I think it is a good pointer that something has gone wrong with the
> certificate. Another way would be to print 'Invalid certificate' instead
> of it similar to what Apache LDAP Browser does.
My point is that if there is no usercertificate value shown then it
would be safe to assume there is no certificate associated with the
entry at all which isn't true. I think a message would be nice.
rob
More information about the Freeipa-devel
mailing list