Luke Schierer wrote: > Hi all, > > I have been using fedora directory server/389 directory server for a > couple years now with out any real issues, so I want to start off by > thanking all of the developers for the hours they put into making it > available to us. > > Lately I have had the need to look at storeing x509 certificates in my > LDAP directory, to make them available to an application we use. > Looking at the documentation available on the website, it appears that > the usercertificate attribute either used to be a binary attribute, or > that there is a way to make it a binary attribute that I am not > seeing. > It is and always has been a binary attribute. What documentation on the website leads you to think otherwise? We need to fix it. > If the former, that it was but is no longer a binary attribute, it > appears to me that the 389-console cannot handle the PEM formatted > certificates, once one is added, I can no longer select that attribute > to manipulate either it, or the certificate it contains. > Sounds like a bug. > If the latter, that it can be changed to be binary, I would greatly > appreciate a pointer on how to do so. > > Hopefully someone who has worked with certificates in 389-ds can give > me some pointers either way, so that I can either submit a bug report, > or find the right docs to be reading. Any help would be greatly > appreciated. > You can always use ldapmodify e.g. dn: uid=username,.... changetype: modify replace: userCertificate userCertificate:: <PEM data> or userCertificate:<file:///path/to/binary/encoded/file > Thanks!! > > Luke > > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
