[Pki-devel] [PATCH] 807-809 Fixed PKCS #12 import for cloning.
Endi Sukma Dewata
edewata at redhat.com
Fri Aug 5 20:43:26 UTC 2016
On 8/5/2016 12:53 PM, Endi Sukma Dewata wrote:
> On 8/3/2016 7:39 PM, Endi Sukma Dewata wrote:
>> To fix cloning issue in IPA the security_database.py has been
>> modified to import all certificates and keys in the PKCS #12 file
>> before the PKI server is started. Since the PKCS #12 generated by
>> IPA may not contain the certificate trust flags, the script will
>> also reset the trust flags on the imported certificates (i.e.
>> CT,C,C for CA certificate and u,u,Pu for audit certificate).
>>
>> https://fedorahosted.org/pki/ticket/2424
>
> Patch #808 has been updated to add pkcs12.show_certs() and
> nssdb.show_certs(). Patch #809 has been rebased.
ACKed by alee (thanks!) with additional changes to fix the error message
and to add an explanation about NSS database requirement. Pushed to master.
--
Endi S. Dewata
More information about the Pki-devel
mailing list