[Freeipa-users] user certificate ldap EXTERNAL authentication
Natxo Asenjo
natxo.asenjo at gmail.com
Fri Mar 4 23:57:55 UTC 2016
By the way, revoking the certificate does not block applications using it
from ldap.
I can still access the ldap server using this cert/key pair *after*
revoking the certificate using ipa cert-revoke <serialnr>. In order to
block it I need to remove the seeAlso value of the user account, or the
certificate attribute.
I do not know if this is a security issue, but maybe worthwhile documenting
just in case.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160305/f0048d40/attachment.htm>
More information about the Freeipa-users
mailing list