Natxo Asenjo wrote:
hi rob,
On Mon, May 18, 2015 at 3:46 PM, Rob Crittenden <rcrit...@redhat.com
<mailto:rcrit...@redhat.com>> wrote:
Natxo Asenjo wrote:
On Sat, May 16, 2015 at 10:24 PM, Natxo Asenjo
<natxo.ase...@gmail.com <mailto:natxo.ase...@gmail.com>
<mailto:natxo.ase...@gmail.com <mailto:natxo.ase...@gmail.com>>>
wrote:
hi,
If I retrieve the usercertificate attribute for host
objects I get
some gibberish.
How can I decode the info I get from ldapsearch?
maybe there is a way to feed that to openssl. What I ended up
doing was
using Perl and Crypt::X509 and I can see all the certificate
elements.
They are DER-encoded files. Something like this will show the contents:
$ openssl x509 -text -in /tmp/file
$ openssl x509 -text -in ldapsearch-usercertificate-ZWnfJL
unable to load certificate
139637925009264:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
Apparently it misses some stuff.
You could try adding -inform DER
As I wrote, I already got what I needed using perl, but maybe there are
other ways.
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project