Re: [Freeipa-devel] [PATCH] 0031 certprofile: add profile format explanation
On 08/12/2015 06:24 PM, Tomas Babej wrote: > > > On 08/05/2015 06:10 AM, Fraser Tweedale wrote: >> The attached patch addresses >> https://fedorahosted.org/freeipa/ticket/5089 >> >> Thanks, >> Fraser >> >> >> > > ACK, thanks for the explanations. I gather this concludes the > https://fedorahosted.org/freeipa/ticket/5089 ticket then? > > Tomas > Ah, I just noticed you say so in the initial email. There was a previous note in the ticket about not closing, so I got confused by that, but it referred to a former commit. Pushed to: master: f6b32d8eea82d686ab3cf92153fa7e1f5ded70ac ipa-4-2: 5afe202d5bbe1481ee6472e9676b636b3afd380c -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH] 0031 certprofile: add profile format explanation
On 08/05/2015 06:10 AM, Fraser Tweedale wrote: > The attached patch addresses > https://fedorahosted.org/freeipa/ticket/5089 > > Thanks, > Fraser > > > ACK, thanks for the explanations. I gather this concludes the https://fedorahosted.org/freeipa/ticket/5089 ticket then? Tomas -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
[Freeipa-devel] [PATCH] 0031 certprofile: add profile format explanation
The attached patch addresses https://fedorahosted.org/freeipa/ticket/5089 Thanks, Fraser From 6002c60a4794c0e6ecc315e21575ef618cff6f06 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Thu, 23 Jul 2015 23:07:10 -0400 Subject: [PATCH] certprofile: add profile format explanation Part of: https://fedorahosted.org/freeipa/ticket/5089 --- ipalib/plugins/certprofile.py | 20 1 file changed, 20 insertions(+) diff --git a/ipalib/plugins/certprofile.py b/ipalib/plugins/certprofile.py index 658fbca3b4eb851eb5a22190c443044f6ceb8491..1dd4f403ee4461b83c053eb36019a8896506bb81 100644 --- a/ipalib/plugins/certprofile.py +++ b/ipalib/plugins/certprofile.py @@ -47,9 +47,29 @@ EXAMPLES: Show information about a profile: ipa certprofile-show ShortLivedUserCert + Save profile configuration to a file: +ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg + Search for profiles that do not store certificates: ipa certprofile-find --store=false +PROFILE CONFIGURATION FORMAT: + +The profile configuration format is the raw property-list format +used by Dogtag Certificate System. The XML format is not supported. + +The following restrictions apply to profiles managed by FreeIPA: + +- When importing a profile the "profileId" field, if present, must + match the ID given on the command line. + +- The "classId" field must be set to "caEnrollImpl" + +- The "auth.instance_id" field must be set to "raCertAuth" + +- The "certReqInputImpl" input class and "certOutputImpl" output + class must be used. + """) -- 2.4.3 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
