authorJan Cholasta <jcholast@redhat.com>2014-06-10 14:04:36 +0200
committerPetr Viktorin <pviktori@redhat.com>2014-07-30 16:04:21 +0200
commit25c10bc161880667dcf3ae7cba460696687c65e6 (patch)
tree46fa2d0d7cc766df58c5862007100ced2d273947
parent61f166da5d3db99418d410e45ade2a872097d967 (diff)
Add LDAP schema for certificate store.
Part of https://fedorahosted.org/freeipa/ticket/3259 Part of https://fedorahosted.org/freeipa/ticket/3520 Reviewed-By: Rob Crittenden <rcritten@redhat.com>
-rw-r--r--install/share/65ipacertstore.ldif8
-rw-r--r--install/share/Makefile.am1
-rwxr-xr-xinstall/share/copy-schema-to-ca.py1
-rw-r--r--ipaserver/install/dsinstance.py1
4 files changed, 11 insertions, 0 deletions
diff --git a/install/share/65ipacertstore.ldif b/install/share/65ipacertstore.ldif
new file mode 100644
index 000000000..99cfe65e4
--- /dev/null
+++ b/install/share/65ipacertstore.ldif
@@ -0,0 +1,8 @@
+dn: cn=schema
+attributeTypes: (2.16.840.1.113730.3.8.11.56 NAME 'ipaCertSubject' DESC 'Subject name' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'IPA v4.1' )
+attributeTypes: (2.16.840.1.113730.3.8.11.57 NAME 'ipaCertIssuerSerial' DESC 'Issuer name and serial number' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'IPA v4.1' )
+attributeTypes: (2.16.840.1.113730.3.8.11.58 NAME 'ipaKeyTrust' DESC 'Key trust (unknown, trusted, distrusted)' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'IPA v4.1' )
+attributeTypes: (2.16.840.1.113730.3.8.11.59 NAME 'ipaKeyUsage' DESC 'Allowed key usage' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'IPA v4.1' )
+attributeTypes: (2.16.840.1.113730.3.8.11.60 NAME 'ipaKeyExtUsage' DESC 'Allowed extended key usage' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 X-ORIGIN 'IPA v4.1' )
+objectClasses: (2.16.840.1.113730.3.8.12.27 NAME 'ipaCertificate' SUP top STRUCTURAL MUST ( cn $ ipaCertIssuerSerial $ ipaCertSubject $ ipaPublicKey ) MAY ( ipaConfigString ) X-ORIGIN 'IPA v4.1' )
+objectClasses: (2.16.840.1.113730.3.8.12.28 NAME 'ipaKeyPolicy' SUP top AUXILIARY MAY ( ipaKeyTrust $ ipaKeyUsage $ ipaKeyExtUsage ) X-ORIGIN 'IPA v4.1' )
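Review bot: `ipaKeyTrust` (OID ...11.58) is declared with Directory String syntax, so the three values listed in its DESC are not enforced by the schema, and `ipaKeyPolicy` lists the attribute only under MAY. Code that reads the certificate store therefore has to validate the value itself, and should treat an absent or unrecognised value as not trusted rather than falling through to trusted. I would record that contract in the file with a comment line such as `# ipaKeyTrust: unknown | trusted | distrusted; readers must handle a missing or other value as not trusted`. Separately, the four files in this commit add no access controls for the new attributes as far as the visible hunks show. Write access to `ipaKeyTrust`, `ipaKeyUsage`, `ipaKeyExtUsage` and `ipaPublicKey` on store entries effectively decides what clients trust, so it is worth confirming that the change which creates the container restricts it.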
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 5dcc37d9e..7d5b67a78 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -16,6 +16,7 @@ app_DATA = \
60basev3.ldif \
60ipadns.ldif \
61kerberos-ipav3.ldif \
+ 65ipacertstore.ldif \
65ipasudo.ldif \
70ipaotp.ldif \
anonymous-vlv.ldif \
diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
index 68f7dfdbd..fc53fe4cb 100755
--- a/install/share/copy-schema-to-ca.py
+++ b/install/share/copy-schema-to-ca.py
@@ -31,6 +31,7 @@ SCHEMA_FILENAMES = (
"60basev3.ldif",
"60ipadns.ldif",
"61kerberos-ipav3.ldif",
+ "65ipacertstore.ldif",
"65ipasudo.ldif",
"70ipaotp.ldif",
"05rfc2247.ldif",
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index e503cb220..2cd75b07d 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -58,6 +58,7 @@ IPA_SCHEMA_FILES = ("60kerberos.ldif",
"60basev3.ldif",
"60ipadns.ldif",
"61kerberos-ipav3.ldif",
+ "65ipacertstore.ldif",
"65ipasudo.ldif",
"70ipaotp.ldif",
"15rfc2307bis.ldif",