summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Vomacka <pvomacka@redhat.com>2016-04-25 09:38:30 +0200
committerPetr Vobornik <pvoborni@redhat.com>2016-06-06 18:34:33 +0200
commit91ac959fe5df817e2322428acff392d735fa414e (patch)
tree7f874fd1336659d24cf8663e80c9fbbfda65953a
parentc56d65b064e1e0410c03cf1206816cad4d8d86cc (diff)
downloadfreeipa-91ac959fe5df817e2322428acff392d735fa414e.tar.gz
freeipa-91ac959fe5df817e2322428acff392d735fa414e.tar.xz
freeipa-91ac959fe5df817e2322428acff392d735fa414e.zip
Extend the certificate request dialog
The command for requesting certificate for hosts and services is extended. There is added how to add DNS name as subjectAltName. https://fedorahosted.org/freeipa/ticket/5645 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Diffstat
-rwxr-xr-xinstall/ui/src/freeipa/certificate.js9
-rw-r--r--install/ui/test/data/ipa_init.json3
-rw-r--r--ipaserver/plugins/internal.py3
3 files changed, 13 insertions, 2 deletions
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index ec653a0a4..d03be2056 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -716,10 +716,19 @@ IPA.cert.request_action = function(spec) {
}
var request_message = text.get('@i18n:objects.cert.request_message');
+ var ext;
+ if (facet.entity.name === 'service' || facet.entity.name === 'host') {
+ ext = text.get('@i18n:objects.cert.request_message_san');
+ }
+ else {
+ ext = '';
+ }
+ request_message = request_message.replace(/\$\{san\}/g, ext);
request_message = request_message.replace(/\$\{cn_name\}/g, cn_name);
request_message = request_message.replace(/\$\{cn\}/g, cn);
request_message = request_message.replace(/\$\{realm\}/g, IPA.env.realm);
+
var dialog = IPA.cert.request_dialog({
title: title,
message: request_message,
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index 6fbf4c06d..e04e9f9b9 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -269,7 +269,8 @@
"remove_certificate_hold_simple": "Remove Certificate Hold",
"remove_certificate_hold_confirmation": "To confirm your intention to remove the certificate hold, click the \"Remove hold\" button.",
"remove_from_crl": "Remove from CRL",
- "request_message": "<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d &lt;database path&gt;</code> </li> <li>Create a CSR with subject <em>CN=&lt;${cn_name}&gt;,O=&lt;realm&gt;</em>, for example:<br/> <code># certutil -R -d &lt;database path&gt; -a -g &lt;key size&gt; -s 'CN=${cn},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>",
+ "request_message": "<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d &lt;database path&gt;</code> </li> <li>Create a CSR with subject <em>CN=&lt;${cn_name}&gt;,O=&lt;realm&gt;</em>, for example:<br/> <code># certutil -R -d &lt;database path&gt; -a -g &lt;key size&gt; -s 'CN=${cn},O=${realm}'${san}</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>",
+ "request_message_san": " -8 '${cn}'",
"requested": "Certificate requested",
"revocation_reason": "Revocation reason",
"revoke_certificate": "Revoke Certificate for ${entity} ${primary_key}",
diff --git a/ipaserver/plugins/internal.py b/ipaserver/plugins/internal.py
index 850156c34..053c47174 100644
--- a/ipaserver/plugins/internal.py
+++ b/ipaserver/plugins/internal.py
@@ -406,7 +406,8 @@ class i18n_messages(Command):
"remove_certificate_hold_simple": _("Remove Certificate Hold"),
"remove_certificate_hold_confirmation": _("To confirm your intention to remove the certificate hold, click the \"Remove hold\" button."),
"remove_from_crl": _("Remove from CRL"),
- "request_message": _("<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d &lt;database path&gt;</code> </li> <li>Create a CSR with subject <em>CN=&lt;${cn_name}&gt;,O=&lt;realm&gt;</em>, for example:<br/> <code># certutil -R -d &lt;database path&gt; -a -g &lt;key size&gt; -s 'CN=${cn},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>"),
+ "request_message": _("<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d &lt;database path&gt;</code> </li> <li>Create a CSR with subject <em>CN=&lt;${cn_name}&gt;,O=&lt;realm&gt;</em>, for example:<br/> <code># certutil -R -d &lt;database path&gt; -a -g &lt;key size&gt; -s 'CN=${cn},O=${realm}'${san}</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>"),
+ "request_message_san": _(" -8 '${cn}'"),
"requested": _("Certificate requested"),
"revocation_reason": _("Revocation reason"),
"revoke_certificate": _("Revoke Certificate for ${entity} ${primary_key}"),
generated by cgit (git 2.34.1) at 2024-06-07 07:05:40 +0000