[Freeipa-users] EMail Address in Certificate
Fraser Tweedale
ftweedal at redhat.com
Wed Jul 22 01:09:58 UTC 2015
On Tue, Jul 21, 2015 at 10:22:01AM +0200, Günther J. Niederwimmer wrote:
> Hello,
>
> Is it possible to add a Email -Address to a user Certificate (Subject
> Alternative Name)
>
> I mean I have read something but I can't found again?
>
> Thanks for a Answer,
>
> --
> mit freundlichen Grüssen / best regards,
>
> Günther J. Niederwimmer
>
Hi Günther,
This is supported in FreeIPA 4.2, using the default profile. When
you include an rfc822Name in the subjectAltName request extension it
will be verified that it matches the user principal and then
included in final certificate.
Unfortunately there is not yet a way to automatically include an
rfc822Name SAN based on the user's email.
Cheers,
Fraser
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list