diff options
author | Martin Basti <mbasti@redhat.com> | 2016-06-29 17:49:47 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-06-30 13:21:04 +0200 |
commit | fed9d9aaa73604f6e100acbe2d3c192f4e4676e8 (patch) | |
tree | 1ebbf59f9167f03966ec3bea599c0ef7a58eb2b2 | |
parent | a155f692e7ad7807a5ea28250d1e72b3e821991e (diff) | |
download | freeipa-fed9d9aaa73604f6e100acbe2d3c192f4e4676e8.tar.gz freeipa-fed9d9aaa73604f6e100acbe2d3c192f4e4676e8.tar.xz freeipa-fed9d9aaa73604f6e100acbe2d3c192f4e4676e8.zip |
cert.py split module docstring to multiple ugetext string
It is hard to translate whole dosctring again and again aftear each
minor change. This split will make life for translators easier. (Just note: dosctring was
changed and that is the reason why I'm sending this, because translators
must translate it again anyway)
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
-rw-r--r-- | ipaserver/plugins/cert.py | 74 |
1 files changed, 37 insertions, 37 deletions
diff --git a/ipaserver/plugins/cert.py b/ipaserver/plugins/cert.py index 888621fc5..63351c54c 100644 --- a/ipaserver/plugins/cert.py +++ b/ipaserver/plugins/cert.py @@ -56,89 +56,89 @@ if six.PY3: __doc__ = _(""" IPA certificate operations - +""") + _(""" Implements a set of commands for managing server SSL certificates. - +""") + _(""" Certificate requests exist in the form of a Certificate Signing Request (CSR) in PEM format. - +""") + _(""" The dogtag CA uses just the CN value of the CSR and forces the rest of the subject to values configured in the server. - +""") + _(""" A certificate is stored with a service principal and a service principal needs a host. - +""") + _(""" In order to request a certificate: - +""") + _(""" * The host must exist * The service must exist (or you use the --add option to automatically add it) - +""") + _(""" SEARCHING: - +""") + _(""" Certificates may be searched on by certificate subject, serial number, revocation reason, validity dates and the issued date. - +""") + _(""" When searching on dates the _from date does a >= search and the _to date does a <= search. When combined these are done as an AND. - +""") + _(""" Dates are treated as GMT to match the dates in the certificates. - +""") + _(""" The date format is YYYY-mm-dd. - +""") + _(""" EXAMPLES: - +""") + _(""" Request a new certificate and add the principal: ipa cert-request --add --principal=HTTP/lion.example.com example.csr - +""") + _(""" Retrieve an existing certificate: ipa cert-show 1032 - +""") + _(""" Revoke a certificate (see RFC 5280 for reason details): ipa cert-revoke --revocation-reason=6 1032 - +""") + _(""" Remove a certificate from revocation hold status: ipa cert-remove-hold 1032 - +""") + _(""" Check the status of a signing request: ipa cert-status 10 - +""") + _(""" Search for certificates by hostname: ipa cert-find --subject=ipaserver.example.com - +""") + _(""" Search for revoked certificates by reason: ipa cert-find --revocation-reason=5 - +""") + _(""" Search for certificates based on issuance date ipa cert-find --issuedon-from=2013-02-01 --issuedon-to=2013-02-07 - +""") + _(""" Search for certificates owned by a specific user: ipa cert-find --user=user - +""") + _(""" Examine a certificate: ipa cert-find --file=cert.pem --all - +""") + _(""" Verify that a certificate is owner by a specific user: ipa cert-find --file=cert.pem --user=user - +""") + _(""" IPA currently immediately issues (or declines) all certificate requests so the status of a request is not normally useful. This is for future use or the case where a CA does not immediately issue a certificate. - +""") + _(""" The following revocation reasons are supported: - * 0 - unspecified - * 1 - keyCompromise - * 2 - cACompromise - * 3 - affiliationChanged - * 4 - superseded - * 5 - cessationOfOperation - * 6 - certificateHold - * 8 - removeFromCRL - * 9 - privilegeWithdrawn - * 10 - aACompromise - +""") + _(""" * 0 - unspecified +""") + _(""" * 1 - keyCompromise +""") + _(""" * 2 - cACompromise +""") + _(""" * 3 - affiliationChanged +""") + _(""" * 4 - superseded +""") + _(""" * 5 - cessationOfOperation +""") + _(""" * 6 - certificateHold +""") + _(""" * 8 - removeFromCRL +""") + _(""" * 9 - privilegeWithdrawn +""") + _(""" * 10 - aACompromise +""") + _(""" Note that reason code 7 is not used. See RFC 5280 for more details: - +""") + _(""" http://www.ietf.org/rfc/rfc5280.txt """) |