diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2009-12-18 11:01:00 -0500 |
|---|---|---|
| committer | Jason Gerard DeRose <jderose@redhat.com> | 2010-01-08 13:36:16 -0700 |
| commit | b8016807ebb95b97f0a4631574be484371f4dcd0 (patch) | |
| tree | 8d1a2fbd28d53e5911a3158e316d9d6ac32c03e4 /ipaserver | |
| parent | 864490ff41c306b7388dd08ab5091df2f8310a55 (diff) | |
| download | freeipa-b8016807ebb95b97f0a4631574be484371f4dcd0.tar.gz freeipa-b8016807ebb95b97f0a4631574be484371f4dcd0.tar.xz freeipa-b8016807ebb95b97f0a4631574be484371f4dcd0.zip | |
Use the caIPAserviceCert profile for issuing service certs.
This profile enables subject validation and ensures that the subject
that the CA issues is uniform. The client can only request a specific
CN, the rest of the subject is fixed.
This is the first step of allowing the subject to be set at
installation time.
Also fix 2 more issues related to the return results migration.
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/plugins/dogtag.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipaserver/plugins/dogtag.py b/ipaserver/plugins/dogtag.py index 710a50a3d..9b799d45d 100644 --- a/ipaserver/plugins/dogtag.py +++ b/ipaserver/plugins/dogtag.py @@ -1511,7 +1511,7 @@ class ra(rabase.rabase): http_status, http_reason_phrase, http_headers, http_body = \ self._sslget('/ca/ee/ca/profileSubmit', self.env.ca_ee_port, - profileId='caRAserverCert', + profileId='caIPAserviceCert', cert_request_type=request_type, cert_request=csr, xml='true') |