freeipa.git - FreeIPA patches

diff options

author	Fraser Tweedale <ftweedal@redhat.com>	2015-12-07 16:14:28 +1100
committer	Martin Basti <mbasti@redhat.com>	2016-07-19 14:18:04 +0200
commit	b12db924143cd6828c596c0b8a261325f3f589f3 (patch)
tree	5b004b8f20fb6e553bfc9ae8df32ae8dc01f8c86 /ipapython/errors.py
parent	b144bf527db76573590255d4ac80e9dfd813ba3d (diff)
download	freeipa-b12db924143cd6828c596c0b8a261325f3f589f3.tar.gz freeipa-b12db924143cd6828c596c0b8a261325f3f589f3.tar.xz freeipa-b12db924143cd6828c596c0b8a261325f3f589f3.zip

Create server and host certs with DNS altname

Currently server (HTTP / LDAP) certs are created without a Subject Alternative Name extension during server install, replica prepare and host enrolment, a potentially problematic violation of RFC 2818. Add the hostname as a SAN dNSName when these certs are created. (Certmonger adds an appropriate request extension when renewing the certificate, so nothing needs to be done for renewal). Fixes: https://fedorahosted.org/freeipa/ticket/4970 Reviewed-By: Petr Spacek <pspacek@redhat.com>

Diffstat (limited to 'ipapython/errors.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: