[Freeipa-devel] [PATCH] 383 Check subject name encoding in ipa-cacert-manage renew
Martin Kosek
mkosek at redhat.com
Fri Dec 5 08:03:05 UTC 2014
On 12/04/2014 09:36 AM, Jan Cholasta wrote:
> + if x509.get_der_subject(cert, x509.DER) != der_subject:
> + raise admintool.ScriptError("Subject name encoding mismatch")
I think we can expect this to be a pretty common error, given this is the
default behavior of Microsoft Certificate Services. I would thus like to make
the error message more juicy.
We need to make sure we offer some pointers for these users or they will just
blame IPA for screwing up. So, the information I wrote
https://bugzilla.redhat.com/show_bug.cgi?id=1129558#c11
need to somehow get to the error message as a potential/likely root cause of
the problem. Whether you write it in the error message itself or update the
design page and just insert a link is up to you.
Martin
More information about the Freeipa-devel
mailing list