[Pki-devel] [PATCH] 0019 - add client auth user to install
Ade Lee
alee at redhat.com
Thu Feb 23 04:34:25 UTC 2012
Add client auth user to default install
When a subsystem is configured, a user is created to facilitate communication
between subsystems. This user is created on the security domain ca, and is
has the subsystem certificate in its user record.
This user will be reused as a user that can talk to the database using the
subsystem certificate for client auth. To do this, this patch does the following:
1. If not the security domain master CA, adds this user to the subsystem, and
adds the subsystem cert.
2. Adds the subsystem cert subject dn to the user's record in the seeAlso attribute
3. Adds acis for this user for the $basedn and for cn=config (for VLV searches)
By default, this user and acls will be added when the system is configured.
To actually use the user and client auth, more config steps are required. They
will be doc'ed in https://fedorahosted.org/pki/ticket/5
Please review.
Ade
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-vakwetu-0019-Add-client-auth-user-to-default-install.patch
Type: text/x-patch
Size: 18653 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20120222/1e4da059/attachment.bin>
More information about the Pki-devel
mailing list