diff options
| author | Fraser Tweedale <ftweedal@redhat.com> | 2015-07-24 09:32:51 -0400 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2015-08-11 14:57:41 +0200 |
| commit | 812ab600a33f0a334e757420783583f700ec07e7 (patch) | |
| tree | 3260ede1b9b7951d0cc3566777430ec70cd50584 /ipalib | |
| parent | aafc0e980be43c4956308a39d2ca45c7e50fa3ab (diff) | |
| download | freeipa-812ab600a33f0a334e757420783583f700ec07e7.tar.gz freeipa-812ab600a33f0a334e757420783583f700ec07e7.tar.xz freeipa-812ab600a33f0a334e757420783583f700ec07e7.zip | |
Add profile for DNP3 / IEC 62351-8 certificates
The DNP3 smart-grid standard uses certificate with the IEC 62351-8
IECUserRoles extension. Add a profile for DNP3 certificates which
copies the IECUserRoles extension from the CSR, if present.
Also update cert-request to accept CSRs containing this extension.
Fixes: https://fedorahosted.org/freeipa/ticket/4752
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/cert.py | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index d612e9d38..b6e6d7981 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -312,6 +312,7 @@ class cert_request(VirtualCommand): '2.5.29.17': 'request certificate with subjectaltname', '2.5.29.19': None, # Basic Constraints '2.5.29.37': None, # Extended Key Usage + '1.2.840.10070.8.1': None, # IECUserRoles (DNP3 / IEC 62351-8) } def execute(self, csr, **kw): |