[Pki-devel] [PATCH] 529 Updated KRA Python client library.
Abhishek Koneru
akoneru at redhat.com
Thu Oct 9 18:58:38 UTC 2014
On Thu, 2014-10-09 at 11:40 -0400, Ade Lee wrote:
> On Wed, 2014-10-08 at 13:45 -0500, Endi Sukma Dewata wrote:
> > The Python client library for KRA has been modified to simplify
> > the usage. The NSSCryptoProvider's setup_database() and __init__()
> > now take a password file parameter. The import_cert() now can
> > take either cert binary/encoded data or CertData object. It also
> > provides a default value for the trust attribute. The KRAClient
> > now stores the crypto provider object.
> >
> > The KRA test has been updated to provide options to override
> > the default test configuration (e.g. hostname, port). It also has
> > been modified to use a temporary NSS database. The setup document
> > has been updated to describe the process to run the test as root
> > and as a regular user.
> >
>
> Looks good. ACK.
>
> Just one issue below:
>
> 1. In crypto.py, in lines 117-120, is it possible for an exception to be
> thrown, leaving the password file lying around? That is one of the
> advantages of the with ... construction. Maybe move lines 116 -120 into
> the try: block.
In the drmtest readme file, in the last section it should be -
pki ~/.dogtag/pki-tomcat/ca/alias -c <password> client-cert-show "PKI
Administrator for example.com" --client-cert kraagent.pem
Other than that ACK from me too.
> Ade
> > _______________________________________________
> > Pki-devel mailing list
> > Pki-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-devel
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list