On Tue, Aug 04, 2015 at 05:39:01PM +0200, Martin Babinsky wrote:
> I am working on the update of
> http://www.freeipa.org/page/V4/User_Certificates design page.
> For now I have edited the "Feature Management" and "Howto Test" sections.
> Since this is my first time writing/editing designs, there surely is a room
> for improvement. Feel free to send me corrections or edit the parts you
> don't like outright.

The caIPAuserCert.txt file (content) is missing.

Not sure if we want to recommend

        sed '1d;$d' cert.pem

-- maybe command to convert to DER and then base64-encode would
be more generic?


        add ldap_user_certificate = userCertificate;binary to the domain 
section of sssd.conf

step -- will it stay or is sssd going to be updated to use that value
automagically? In that case, link to the ticket we are waiting for
(https://fedorahosted.org/sssd/ticket/2742 ?) should be added so
that it's clear that this step should be removed when the ticket
is addressed.

Otherwise, great effort with the How to Test section.

Jan Pazdziora
Senior Principal Software Engineer, Identity Management Engineering, Red Hat

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to