On 21.6.2016 09:40, Pavel Vomacka wrote:


On 06/21/2016 08:34 AM, David Kupka wrote:
On 21/06/16 07:19, Jan Cholasta wrote:
On 20.6.2016 15:31, Jan Cholasta wrote:
On 20.6.2016 09:54, Jan Cholasta wrote:
On 15.6.2016 12:33, Jan Cholasta wrote:
On 14.6.2016 11:44, Jan Cholasta wrote:
On 21.4.2016 09:11, Jan Cholasta wrote:
On 6.4.2016 15:46, Pavel Vomacka wrote:


On 03/16/2016 01:50 PM, Jan Cholasta wrote:
Hi,

the attached patches implement the server-side part of
<https://fedorahosted.org/freeipa/ticket/5381>.

Honza

Hi,

thank you for the patches. I tested them and they work well. But I
would
like to ask you whether would be possible to extend the
response of
'basecert_find' method and probably also 'basecert_show'
response. I
think of these information:

1) information whether the certificate is issued by our CA or not.

You can check for that by comparing the issuer name of the
certificate
to "CN=Certificate Authority,$SUBJECT_BASE". You can get subject
base
from config-show.


2) this probably wouldn't be possible (as we discussed), but I
rather
write it too - the information about revocation reason. The
same as
the
'cert_show' provides.

Added --check-revocation flag to request this information.
Currently it
works only on certificates issued by our CA.


3) MD5 and SHA1 fingerprints as the 'cert_show' method returns

Added, also included SHA-256.


Thank you again.

Updated patches attached.

Updated and rebased patches attached. Requires Fraser's sub-CA
patches.

Attaching updated patch 623, which fixes these issues found by David:
<https://paste.fedoraproject.org/378997/65913663/>.

Updated and rebased patches attached.

Attaching updated patches 552 and 623, which fix the --sizelimit
option.

Updated and rebased patches attached. The --revocation-reason option now
works as expected.




Hello!

Thanks for patch set. Code looks good to me and works as expected.
Pavel will test it with WebUI and the we can hopefully push it.

Hello,

Thank you for patches. Works as expected also in WebUI, so we can push it.

The word you are looking for is "ACK" ;-)

Thanks, pushed to master: b00dbca98fee86f0c7584f1f37db376db9a57566

--
Jan Cholasta

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to