summaryrefslogtreecommitdiffstats
path: root/ipapython/secrets/kem.py
Commit message (Collapse)AuthorAgeFilesLines
* Optionally add service name to Custodia key DNsFraser Tweedale2016-06-091-5/+22
| | | | | | | | | | | | | | | | | | | Lightweight CAs support introduces new service principals for Dogtag, with Custodia keys. The current Custodia key creation uses a DN that contains only they key type and the hostname, so keys for multiple services on the same host cannot be created. Add the 'generate_keys' method to generate keys for a host or an arbitrary service. When a service name is given, add the key entries in a nested container with RDN 'cn=<service name>'. (The container is assumed to exist). This change does not affect searching because subtree search is used, filtering on the ipaKeyUsage and memberPrincipal attributes. Part of: https://fedorahosted.org/freeipa/ticket/4559 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* ipapython.secrets.kem: Use ConfigParser from six.movesPetr Viktorin2016-05-301-2/+2
| | | | | | | | | In Python 3, the module name changed from 'ConfigParser' to 'configparser'. Use the appropriate location from six. Part of the work for: https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Martin Basti <mbasti@redhat.com>
* custodia: do not modify memberPrincipal on key updateJan Cholasta2015-12-071-2/+1
| | | | | | | https://fedorahosted.org/freeipa/ticket/5401 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Simo Sorce <ssorce@redhat.com>
* Add ipa-custodia serviceSimo Sorce2015-10-151-0/+205
Add a customized Custodia daemon and enable it after installation. Generates server keys and loads them in LDAP autonomously on install or update. Provides client code classes too. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
generated by cgit (git 2.34.1) at 2025-09-01 14:24:44 +0000