On 04/16/2015 10:03 AM, Fraser Tweedale wrote:
Hi everyone,

Please review my Certificate Profiles design proposal:

Let me know what is unclear, what needs expansion, and what is plain
wrong :)

The schema for storing multiple certificates for a principal is
still being discussed but I expect it will be agreed soon, and I
will add it to the document.

I am revising the sub-CAs design proposal and it will soon be
published for review as well.


Hello Fraser,

I will reiterate one of my concernes from our private mails here for the wider audience :)

I'd really like to have a way how to list the profiles managed by IPA other than using the dogtag REST API directly. Simple wrapper around the api call for /ca/rest/profiles[/$id[/raw]] endpoints returning a list of IDs [and dumping the profile to file] for the sake of consistency, since other endpoints are wrapped by ipa commands, would be sufficient for me.

This can be also used to query the information (at least the list of IDs) when used in the web UI.

I don't know how exactly dogtag is wired into IPA (I've seen that there is separate suffix on the DS instance) and I don't really need to duplicate any data into the defaultNamingContext
and its subtree.


Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to