Make data type of certificates more obvious/predictable internally.

2011-06-21T23:09:50+00:00

For the most part certificates will be treated as being in DER format.
When we load a certificate we will generally accept it in any format but
will convert it to DER before proceeding in normalize_certificate().

This also re-arranges a bit of code to pull some certificate-specific
functions out of ipalib/plugins/service.py into ipalib/x509.py.

This also tries to use variable names to indicate what format the certificate
is in at any given point:

dercert: DER
cert: PEM
nsscert: a python-nss Certificate object
rawcert: unknown format

ticket 32

Require an imported certificate's issuer to match our issuer.

2011-06-16T23:27:17+00:00

The goal is to not import foreign certificates.

This caused a bunch of tests to fail because we had a hardcoded server
certificate. Instead a developer will need to run make-testcert to
create a server certificate generated by the local CA to test against.

ticket 1134

freeipa.git/make-testcert, branch master

Make data type of certificates more obvious/predictable internally.

Require an imported certificate's issuer to match our issuer.