[Freeipa-devel] [PATCH 0013-0015] Automatic CSR generation - usability improvements
Ben Lipton
blipton at redhat.com
Tue Aug 9 20:07:48 UTC 2016
Aaand there's a typo in patch 15. Updated version attached.
On 08/09/2016 02:22 PM, Ben Lipton wrote:
> Hello,
>
> The attached patches improve upon my last patchset to:
>
> 0013: Add support for generating a full script that makes a CSR,
> rather than just a config, and use that support to automate the full
> flow from script generation through cert issuance
> Usage note: the UI for this could probably use work. I currently have
> the --helper-args param that allows additional data to be passed to
> the helper. Commonly this would be something like:
> Certutil: --helper-args '-d /path/to/nss/db' (precreated with certutil
> -N -d /path/to/nss/db)
> Openssl: --helper-args 'd /path/to/keyfile' (precreated with openssl
> genrsa -out /path/to/keyfile)
> See the commit message for a full command line.
>
> 0014: Allow the feature to be used by non-admin users
>
> 0015: Improve error handling by reporting a nice message if the
> mapping rules are broken, or if the data required to generate the
> subject DN is missing
>
> These improvements may make it easier to test the other patches.
>
> Thanks,
> Ben
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160809/3e47239c/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-blipton-0015-2-Improve-error-handling-for-certificate-mapping.patch
Type: text/x-patch
Size: 5507 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160809/3e47239c/attachment.bin>
More information about the Freeipa-devel
mailing list