On Thu, Mar 05, 2020 at 02:34:42PM -, Hristina Marosevic wrote:
> Some more info (another prove that sssd does not derive the public key from
> the user certificate):
> /usr/bin/sss_ssh_authorizedkeys IIN321 when I am using only
> userCertificate;binary attribute (with the binary
On Thu, Mar 05, 2020 at 02:24:25PM -, Hristina Marosevic wrote:
> I added the content between -BEGIN CERTIFICATE- and -END
> CERTIFICATE- from the base64 user certificate and during authentication
> in the logs I saw that the user certificate was stored in the user
>
Some more info (another prove that sssd does not derive the public key from the
user certificate):
/usr/bin/sss_ssh_authorizedkeys IIN321 when I am using only
userCertificate;binary attribute (with the binary value of the certificate) is
not giving any output, while when I am using the
On Thu, Mar 05, 2020 at 07:16:45AM -, Hristina Marosevic wrote:
> Hello,
>
> By using ldapmodify command and ldif file as input.
>
> # ldif file:
> dn: uid=321,
> changetype: modify
> add: userCertificate;binary
> userCertificate;binary:
>
I added the content between -BEGIN CERTIFICATE- and -END
CERTIFICATE- from the base64 user certificate and during authentication in
the logs I saw that the user certificate was stored in the user certificate
SSSD option but there was no public key derived.
This time I deleted
So, I am not sure if I should use
userCertificate;binary:: MIIGMT..
in the ldif file.
Also, should I add the -BEGIN CERTIFICATE-/-END CERTIFICATE-
(now I am adding only the content between these lines as a value of the
userCertificate;binary attribute) ? and if yes, should
Thank you for the explanation!
BR,
Hristina
___
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
