[Freeipa-devel] [freeipa PR#542][comment] Implementation independent interface for CSR generation
LiptonB
freeipa-github-notification at redhat.com
Tue Mar 7 13:55:46 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/542
Title: #542: Implementation independent interface for CSR generation
LiptonB commented:
"""
Thanks for the feedback. I will put together a new version using CFFI and the `openssl req` format for subject names.
Regarding helpers, this code has all CSR generation go through the `CertificationRequestInfo`-based flow, so the other helpers can't actually be accessed. Maybe we should remove the helper/formatter abstraction entirely, and have the new format (raw openssl config) be the only jinja template available. This makes things simpler but will remove all support for NSS databases until we add it to the new flow. What do you think? (An alternative would be to remove only the `openssl` helper, and add a `CertificationRequestInfoFormatter` in its place).
"""
See the full comment at https://github.com/freeipa/freeipa/pull/542#issuecomment-284727415
More information about the Freeipa-devel
mailing list