From 52a46d121bf760f6beca4622ace0a4554a679c3c Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Fri, 29 Oct 2010 16:23:21 -0400
Subject: Add support for configuring KDC certs for PKINIT

This patch adds support only for the selfsign case.
Replica support is also still missing at this stage.
---
 install/share/kdc_req.conf.template | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 install/share/kdc_req.conf.template

(limited to 'install/share/kdc_req.conf.template')

diff --git a/install/share/kdc_req.conf.template b/install/share/kdc_req.conf.template
new file mode 100644
index 000000000..872852079
--- /dev/null
+++ b/install/share/kdc_req.conf.template
@@ -0,0 +1,14 @@
+[ req ]
+default_bits       = 2048
+distinguished_name = req_distinguished_name
+attributes         = req_attributes
+prompt             = no
+output_password    = $PASSWORD
+
+[ req_distinguished_name ]
+$SUBJBASE
+$CERTNAME
+
+[ req_attributes ]
+challengePassword = A challenge password
+
-- 
cgit