diff options
author | Pavel Vomacka <pvomacka@redhat.com> | 2016-04-25 09:38:30 +0200 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2016-06-06 18:34:33 +0200 |
commit | 91ac959fe5df817e2322428acff392d735fa414e (patch) | |
tree | 7f874fd1336659d24cf8663e80c9fbbfda65953a | |
parent | c56d65b064e1e0410c03cf1206816cad4d8d86cc (diff) | |
download | freeipa-91ac959fe5df817e2322428acff392d735fa414e.tar.gz freeipa-91ac959fe5df817e2322428acff392d735fa414e.tar.xz freeipa-91ac959fe5df817e2322428acff392d735fa414e.zip |
Extend the certificate request dialog
The command for requesting certificate for hosts and services is extended.
There is added how to add DNS name as subjectAltName.
https://fedorahosted.org/freeipa/ticket/5645
Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
-rwxr-xr-x | install/ui/src/freeipa/certificate.js | 9 | ||||
-rw-r--r-- | install/ui/test/data/ipa_init.json | 3 | ||||
-rw-r--r-- | ipaserver/plugins/internal.py | 3 |
3 files changed, 13 insertions, 2 deletions
diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js index ec653a0a4..d03be2056 100755 --- a/install/ui/src/freeipa/certificate.js +++ b/install/ui/src/freeipa/certificate.js @@ -716,10 +716,19 @@ IPA.cert.request_action = function(spec) { } var request_message = text.get('@i18n:objects.cert.request_message'); + var ext; + if (facet.entity.name === 'service' || facet.entity.name === 'host') { + ext = text.get('@i18n:objects.cert.request_message_san'); + } + else { + ext = ''; + } + request_message = request_message.replace(/\$\{san\}/g, ext); request_message = request_message.replace(/\$\{cn_name\}/g, cn_name); request_message = request_message.replace(/\$\{cn\}/g, cn); request_message = request_message.replace(/\$\{realm\}/g, IPA.env.realm); + var dialog = IPA.cert.request_dialog({ title: title, message: request_message, diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json index 6fbf4c06d..e04e9f9b9 100644 --- a/install/ui/test/data/ipa_init.json +++ b/install/ui/test/data/ipa_init.json @@ -269,7 +269,8 @@ "remove_certificate_hold_simple": "Remove Certificate Hold", "remove_certificate_hold_confirmation": "To confirm your intention to remove the certificate hold, click the \"Remove hold\" button.", "remove_from_crl": "Remove from CRL", - "request_message": "<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<${cn_name}>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>", + "request_message": "<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<${cn_name}>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}'${san}</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>", + "request_message_san": " -8 '${cn}'", "requested": "Certificate requested", "revocation_reason": "Revocation reason", "revoke_certificate": "Revoke Certificate for ${entity} ${primary_key}", diff --git a/ipaserver/plugins/internal.py b/ipaserver/plugins/internal.py index 850156c34..053c47174 100644 --- a/ipaserver/plugins/internal.py +++ b/ipaserver/plugins/internal.py @@ -406,7 +406,8 @@ class i18n_messages(Command): "remove_certificate_hold_simple": _("Remove Certificate Hold"), "remove_certificate_hold_confirmation": _("To confirm your intention to remove the certificate hold, click the \"Remove hold\" button."), "remove_from_crl": _("Remove from CRL"), - "request_message": _("<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<${cn_name}>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}'</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>"), + "request_message": _("<ol> <li>Create a certificate database or use an existing one. To create a new database:<br/> <code># certutil -N -d <database path></code> </li> <li>Create a CSR with subject <em>CN=<${cn_name}>,O=<realm></em>, for example:<br/> <code># certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}'${san}</code> </li> <li> Copy and paste the CSR (from <em>-----BEGIN NEW CERTIFICATE REQUEST-----</em> to <em>-----END NEW CERTIFICATE REQUEST-----</em>) into the text area below: </li> </ol>"), + "request_message_san": _(" -8 '${cn}'"), "requested": _("Certificate requested"), "revocation_reason": _("Revocation reason"), "revoke_certificate": _("Revoke Certificate for ${entity} ${primary_key}"), |