diff options
author | Christina Fu <cfu@redhat.com> | 2015-08-10 15:38:06 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2015-08-14 11:58:31 -0600 |
commit | 799590e6cc15f279a0ae5c700787d9c4d9b8d861 (patch) | |
tree | 4c2c7dd27e3d13cf224cc0ae80c2f06b0680a6ad | |
parent | 29d35d80bb8aba820d4fbfd2738ce6ad4bb54ade (diff) | |
download | pki-799590e6cc15f279a0ae5c700787d9c4d9b8d861.tar.gz pki-799590e6cc15f279a0ae5c700787d9c4d9b8d861.tar.xz pki-799590e6cc15f279a0ae5c700787d9c4d9b8d861.zip |
Ticket 1539 Unable to create ECC KRA Instance when kra admin key type is ECC
This patch changes the relevant CA enrollment admin profiles so that they accept
requests for EC certs. The issue actually not just affected KRA, it also affected
other non-CA subsystems.
(cherry picked from commit 017f4f9d4b3c6051f082b8c2b49d5143fd8450e9)
-rw-r--r-- | base/ca/shared/profiles/ca/AdminCert.cfg | 4 | ||||
-rw-r--r-- | base/ca/shared/profiles/ca/caAdminCert.cfg | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/base/ca/shared/profiles/ca/AdminCert.cfg b/base/ca/shared/profiles/ca/AdminCert.cfg index a54a1b755..526d05d49 100644 --- a/base/ca/shared/profiles/ca/AdminCert.cfg +++ b/base/ca/shared/profiles/ca/AdminCert.cfg @@ -30,8 +30,8 @@ policyset.adminCertSet.2.default.params.range=365 policyset.adminCertSet.2.default.params.startTime=0 policyset.adminCertSet.3.constraint.class_id=keyConstraintImpl policyset.adminCertSet.3.constraint.name=Key Constraint -policyset.adminCertSet.3.constraint.params.keyType=RSA -policyset.adminCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096 +policyset.adminCertSet.3.constraint.params.keyType=- +policyset.adminCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096,nistp256,nistp384,nistp521 policyset.adminCertSet.3.default.class_id=userKeyDefaultImpl policyset.adminCertSet.3.default.name=Key Default policyset.adminCertSet.4.constraint.class_id=noConstraintImpl diff --git a/base/ca/shared/profiles/ca/caAdminCert.cfg b/base/ca/shared/profiles/ca/caAdminCert.cfg index cd2970397..f779edb0f 100644 --- a/base/ca/shared/profiles/ca/caAdminCert.cfg +++ b/base/ca/shared/profiles/ca/caAdminCert.cfg @@ -31,8 +31,8 @@ policyset.adminCertSet.2.default.params.range=365 policyset.adminCertSet.2.default.params.startTime=0 policyset.adminCertSet.3.constraint.class_id=keyConstraintImpl policyset.adminCertSet.3.constraint.name=Key Constraint -policyset.adminCertSet.3.constraint.params.keyType=RSA -policyset.adminCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096 +policyset.adminCertSet.3.constraint.params.keyType=- +policyset.adminCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096,nistp256,nistp384,nistp521 policyset.adminCertSet.3.default.class_id=userKeyDefaultImpl policyset.adminCertSet.3.default.name=Key Default policyset.adminCertSet.4.constraint.class_id=noConstraintImpl |