Scott Reed via FreeIPA-users wrote: > Yes, I'm researching how FreeIPA handles the certificates and keys. > > What about the certificates for 2 factor authentication? You place the > certificate in the user account. Is that stored in an NSS database as well?
cert as a second factor? Anyway, IPA (dogtag) does not store private keys, only public ones. The private key storage location is up to the user. If a user wants to store your keys in their own NSS database then great, the user manages that, but it isn't mandatory. You would never want them stored in a database used by IPA (as key access is required). So IPA uses several NSS databases for its own key storage. These are not intended for general purpose use. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
