diff options
author | Simo Sorce <ssorce@redhat.com> | 2010-10-29 16:23:21 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2010-11-18 15:09:36 -0500 |
commit | 52a46d121bf760f6beca4622ace0a4554a679c3c (patch) | |
tree | 550a2bddf9ab3848da9ab33ca73529060b9e4c68 /install/share/kdc.conf.template | |
parent | 74ba0cc7c1bdb9c560324a68c16593755bcda5d8 (diff) | |
download | freeipa-52a46d121bf760f6beca4622ace0a4554a679c3c.tar.gz freeipa-52a46d121bf760f6beca4622ace0a4554a679c3c.tar.xz freeipa-52a46d121bf760f6beca4622ace0a4554a679c3c.zip |
Add support for configuring KDC certs for PKINIT
This patch adds support only for the selfsign case.
Replica support is also still missing at this stage.
Diffstat (limited to 'install/share/kdc.conf.template')
-rw-r--r-- | install/share/kdc.conf.template | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/install/share/kdc.conf.template b/install/share/kdc.conf.template index 4a2cca412..f8e07c77b 100644 --- a/install/share/kdc.conf.template +++ b/install/share/kdc.conf.template @@ -12,4 +12,6 @@ dict_file = /usr/share/dict/words default_principal_flags = +preauth ; admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab + pkinit_identity = FILE:/var/kerberos/krb5kdc/kdc.pem + pkinit_anchors = FILE:/var/kerberos/krb5kdc/cacert.pem } |