[Pki-devel] [PATCH] 147 - provide enrollment template per profile.

[Ade Lee]

This patch adds an API call to the ProfileService interface to obtain an
enrollment template for a particular profile.  The template is simply a
CertEnrollmentRequest with the relevant inputs for the profile filled
in.  The user would then need to simply enter the relevant values and
submit the request using the REST API cert-request-submit.

I think that someone who is using this interface would do one of two
things:

1. Manually edit the template to generate the request.
2. Write client code to add the relevant data to the
CertEnrollmentRequest object.

In fact, I plan to submit a patch that will extend the pki CLI to allow
you to enter the data for a request interactively or through command
line arguments.

It would go something like this:
1. pki cert-request-submit --profile caCertUser
2. CLI will contact Profile service and get the relevant template which
is a CertEnrollmentRequest object.
3. CLI will then iterate through the attributes (which are all uniquely
named) and prompt for their value.  The descriptor metadata can be used
to help generate the prompt.
4. CLI will take these results, populate the CertEnrollmentRequest and
send to server.
5. CLI can also take an invocation that looks like this perhaps:
pki cert-request-submit --profile caCertUser --profileArgs [--sn_e
alee at redhat.com --sn_cn "Ade Lee" ... ] so that you can do it all on the
command line.

Please review.
Ade



-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-vakwetu-0147-Provide-enrollment-template-per-profile.patch
Type: text/x-patch
Size: 12857 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20130828/14b8d815/attachment.bin>