On Tue, Jul 21, 2015 at 10:22:01AM +0200, Günther J. Niederwimmer wrote:
> Is it possible to add a Email -Address to a user Certificate (Subject
> Alternative Name)
> I mean I have read something but I can't found again?
> Thanks for a Answer,
> mit freundlichen Grüssen / best regards,
> Günther J. Niederwimmer
This is supported in FreeIPA 4.2, using the default profile. When
you include an rfc822Name in the subjectAltName request extension it
will be verified that it matches the user principal and then
included in final certificate.
Unfortunately there is not yet a way to automatically include an
rfc822Name SAN based on the user's email.
> Manage your subscription for the Freeipa-users mailing list:
> Go to http://freeipa.org for more info on the project
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project