On 06/21/2016 08:34 AM, David Kupka wrote:
On 21/06/16 07:19, Jan Cholasta wrote:
On 20.6.2016 15:31, Jan Cholasta wrote:
On 20.6.2016 09:54, Jan Cholasta wrote:
On 15.6.2016 12:33, Jan Cholasta wrote:
On 14.6.2016 11:44, Jan Cholasta wrote:
On 21.4.2016 09:11, Jan Cholasta wrote:
On 6.4.2016 15:46, Pavel Vomacka wrote:

On 03/16/2016 01:50 PM, Jan Cholasta wrote:

the attached patches implement the server-side part of



thank you for the patches. I tested them and they work well. But I
like to ask you whether would be possible to extend the response of 'basecert_find' method and probably also 'basecert_show' response. I
think of these information:

1) information whether the certificate is issued by our CA or not.

You can check for that by comparing the issuer name of the
to "CN=Certificate Authority,$SUBJECT_BASE". You can get subject base
from config-show.

2) this probably wouldn't be possible (as we discussed), but I
write it too - the information about revocation reason. The same as
'cert_show' provides.

Added --check-revocation flag to request this information.
Currently it
works only on certificates issued by our CA.

3) MD5 and SHA1 fingerprints as the 'cert_show' method returns

Added, also included SHA-256.

Thank you again.

Updated patches attached.

Updated and rebased patches attached. Requires Fraser's sub-CA

Attaching updated patch 623, which fixes these issues found by David:

Updated and rebased patches attached.

Attaching updated patches 552 and 623, which fix the --sizelimit option.

Updated and rebased patches attached. The --revocation-reason option now
works as expected.


Thanks for patch set. Code looks good to me and works as expected. Pavel will test it with WebUI and the we can hopefully push it.


Thank you for patches. Works as expected also in WebUI, so we can push it.

Pavel^3 Vomacka

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to