Re: [389-users] storing x509 certificates in the directory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Luke Schierer wrote:
> On Tue, May 18, 2010 at 07:44:23PM -0600, Rich Megginson wrote:
>   
>> Luke Schierer wrote:
>>     
>>> Hi all,
>>>
>>> I have been using fedora directory server/389 directory server for a
>>> couple years now with out any real issues, so I want to start off by
>>> thanking all of the developers for the hours they put into making it
>>> available to us.
>>>
>>> Lately I have had the need to look at storeing x509 certificates in my
>>> LDAP directory, to make them available to an application we use.
>>> Looking at the documentation available on the website, it appears that
>>> the usercertificate attribute either used to be a binary attribute, or
>>> that there is a way to make it a binary attribute that I am not
>>> seeing.
>>>   
>>>       
>> It is and always has been a binary attribute.  What documentation on the 
>> website leads you to think otherwise?  We need to fix it.
>>     
>>> If the former, that it was but is no longer a binary attribute, it
>>> appears to me that the 389-console cannot handle the PEM formatted
>>> certificates, once one is added, I can no longer select that attribute
>>> to manipulate either it, or the certificate it contains.
>>>   
>>>       
>> Sounds like a bug.
>>     
>>> If the latter, that it can be changed to be binary, I would greatly
>>> appreciate a pointer on how to do so.
>>>
>>> Hopefully someone who has worked with certificates in 389-ds can give
>>> me some pointers either way, so that I can either submit a bug report,
>>> or find the right docs to be reading. Any help would be greatly
>>> appreciated.
>>>       
>
> The docs do say that it is a binary attribute, but they say that in
> the 389-console that it should have a button to select the file to
> upload.  Instead, it has a text box.  That is what confuses me.
> Should I put the filename in that text box?
>   
No, I think the text box is for the base64 encoded (i.e. PEM) cert data.
> Thanks!!
>
> Luke
>
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>   

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux