On Tue, Aug 04, 2015 at 05:39:01PM +0200, Martin Babinsky wrote: > > I am working on the update of > http://www.freeipa.org/page/V4/User_Certificates design page. > > For now I have edited the "Feature Management" and "Howto Test" sections. > > Since this is my first time writing/editing designs, there surely is a room > for improvement. Feel free to send me corrections or edit the parts you > don't like outright.
The caIPAuserCert.txt file (content) is missing. Not sure if we want to recommend sed '1d;$d' cert.pem -- maybe command to convert to DER and then base64-encode would be more generic? That add ldap_user_certificate = userCertificate;binary to the domain section of sssd.conf step -- will it stay or is sssd going to be updated to use that value automagically? In that case, link to the ticket we are waiting for (https://fedorahosted.org/sssd/ticket/2742 ?) should be added so that it's clear that this step should be removed when the ticket is addressed. Otherwise, great effort with the How to Test section. -- Jan Pazdziora Senior Principal Software Engineer, Identity Management Engineering, Red Hat -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code