Ives Steglich wrote:
for fully functional cisco-network-equipment we have to
add some (two) more CSR and CRT Attributes:
- unstructuredName
- unstructuredAddress

they have this in their requests (at least the pix-firewall)
and you also have to add in the certificate...

so it has to be added at the: servers config (ra and ca)

CSR_SUPPORTED_ATTRIBUTES "unstructuredName" "unstructuredAddress"

and I think some changes for the ldap interface are necessary?
it is not in the standard schemas and I don't know if the ldap
code needs to be changed to have these attributes supported

We have only to change ldap-utils.lib and pkiCA.schema. I think it is time to rename pkiCA.schema to openca.schema.


Some additional notes, both attributes are part of the objectclass naturalPerson (RFC 2985). It's a cool idea by CISCO to use an attribute of naturalPerson for an SCEP device. Therefore I will not use naturalPerson. I will use the objectclasses from Entrust again. They defined cEPdevice.

Michael
--
-------------------------------------------------------------------
Michael Bell                   Email: [EMAIL PROTECTED]
ZE Computer- und Medienservice            Tel.: +49 (0)30-2093 2482
(Computing Centre)                        Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin                   Email (private): [EMAIL PROTECTED]
Germany                                       http://www.openca.org



_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
