diff options
author | Stanislav Laznicka <slaznick@redhat.com> | 2017-10-16 13:29:07 +0200 |
---|---|---|
committer | Tomas Krizek <tkrizek@redhat.com> | 2017-10-17 16:43:15 +0200 |
commit | 9b8b7afeb406f042c8c6d46f84cbb04126ac5204 (patch) | |
tree | f853690837abe3d3de302df4658061360a977a1b /ipalib | |
parent | 48dc9bb9ba86c0708d9042852470f3b968231150 (diff) | |
download | freeipa-9b8b7afeb406f042c8c6d46f84cbb04126ac5204.tar.gz freeipa-9b8b7afeb406f042c8c6d46f84cbb04126ac5204.tar.xz freeipa-9b8b7afeb406f042c8c6d46f84cbb04126ac5204.zip |
p11-kit: add serial number in DER format
This causes Firefox to report our CA certificate as not-trustworthy.
We were previously doing this correctly, however it slipped as an
error due to certificate refactoring.
https://pagure.io/freeipa/issue/7210
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/x509.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ipalib/x509.py b/ipalib/x509.py index 9f7a3c311..205e2f82d 100644 --- a/ipalib/x509.py +++ b/ipalib/x509.py @@ -123,18 +123,21 @@ class IPACertificate(object): # some field types encode-decoding is not strongly defined self._subject = self.__get_der_field('subject') self._issuer = self.__get_der_field('issuer') + self._serial_number = self.__get_der_field('serialNumber') def __getstate__(self): state = { '_cert': self.public_bytes(Encoding.DER), '_subject': self.subject_bytes, '_issuer': self.issuer_bytes, + '_serial_number': self._serial_number, } return state def __setstate__(self, state): self._subject = state['_subject'] self._issuer = state['_issuer'] + self._issuer = state['_serial_number'] self._cert = crypto_x509.load_der_x509_certificate( state['_cert'], backend=default_backend()) @@ -216,6 +219,10 @@ class IPACertificate(object): return self._cert.serial_number @property + def serial_number_bytes(self): + return self._serial_number + + @property def version(self): return self._cert.version |