I'm curious as to how IPA handles smart cards containing multiple certificates. When I follow the steps listed at https://fedorahosted.org/sssd/wiki/DesignDocs/SmartcardAuthenticationStep1 when installing my certificate, I notice the certutil command dumps all installed certificates, and dumps the certificates in a different order depending on which certificate is selected. When the server tries to match a certificate does it compare all certificates as one long continuous string, or does it compare one certificate at a time? I'm curious if this presents a problem for the end-user or has this problem been addressed?
-- *Michael Rainey*
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project