On 21.6.2016 09:40, Pavel Vomacka wrote:

On 06/21/2016 08:34 AM, David Kupka wrote:
On 21/06/16 07:19, Jan Cholasta wrote:
On 20.6.2016 15:31, Jan Cholasta wrote:
On 20.6.2016 09:54, Jan Cholasta wrote:
On 15.6.2016 12:33, Jan Cholasta wrote:
On 14.6.2016 11:44, Jan Cholasta wrote:
On 21.4.2016 09:11, Jan Cholasta wrote:
On 6.4.2016 15:46, Pavel Vomacka wrote:

On 03/16/2016 01:50 PM, Jan Cholasta wrote:

the attached patches implement the server-side part of



thank you for the patches. I tested them and they work well. But I
like to ask you whether would be possible to extend the
response of
'basecert_find' method and probably also 'basecert_show'
response. I
think of these information:

1) information whether the certificate is issued by our CA or not.

You can check for that by comparing the issuer name of the
to "CN=Certificate Authority,$SUBJECT_BASE". You can get subject
from config-show.

2) this probably wouldn't be possible (as we discussed), but I
write it too - the information about revocation reason. The
same as
'cert_show' provides.

Added --check-revocation flag to request this information.
Currently it
works only on certificates issued by our CA.

3) MD5 and SHA1 fingerprints as the 'cert_show' method returns

Added, also included SHA-256.

Thank you again.

Updated patches attached.

Updated and rebased patches attached. Requires Fraser's sub-CA

Attaching updated patch 623, which fixes these issues found by David:

Updated and rebased patches attached.

Attaching updated patches 552 and 623, which fix the --sizelimit

Updated and rebased patches attached. The --revocation-reason option now
works as expected.


Thanks for patch set. Code looks good to me and works as expected.
Pavel will test it with WebUI and the we can hopefully push it.


Thank you for patches. Works as expected also in WebUI, so we can push it.

The word you are looking for is "ACK" ;-)

Thanks, pushed to master: b00dbca98fee86f0c7584f1f37db376db9a57566

Jan Cholasta

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to