On 14.7.2016 13:44, Fraser Tweedale wrote:
The attached patch includes SANs in cert-show output. If you have
certs with esoteric altnames (especially any that are more than just
ASN.1 string types), please test with those certs.
I think it would be better to have a separate attribute for each
supported SAN type rather than cramming everything into
subject_alt_name. That way if you care only about a single specific type
you won't have to go through all the values and parse them. Also it
would allow you to use param types appropriate to the SAN types
(DNSNameParam for DNS names, Principal for principal names, etc.)
Nitpick: please don't mix moving existing stuff and adding new stuff in
a single patch.
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code