From 4640f957ade4615972a9b857a8f2e1b97e524d01 Mon Sep 17 00:00:00 2001 From: Petr Vobornik Date: Fri, 11 May 2012 13:33:07 +0200 Subject: Instructions to generate cert use certutil instead of openssl Instructions to generate certificate were changed. Now they use certutil instead of openssl. In the example is also used option for specifying key size. https://fedorahosted.org/freeipa/ticket/2725 --- ipalib/plugins/internal.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ipalib/plugins') diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index 42737f7ff..30ab91640 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -322,7 +322,7 @@ class i18n_messages(Command): "privilege_withdrawn": _("Privilege Withdrawn"), "reason": _("Reason for Revocation"), "remove_from_crl": _("Remove from CRL"), - "request_message": _("
  1. Create a private key in a secure location, for example:
    # openssl genrsa -out key.pem
  2. Create a CSR with subject CN=${hostname},O=${realm}, for example:
    # openssl req -new -key key.pem -out cert.csr \\
        -subj '/O=${realm}/CN=${hostname}'
  3. Copy and paste the CSR below:
"), + "request_message": _("
  1. Examples uses NSS database located in current directory. Replace \"-d .\" in example with \"-d /path/to/database\" if NSS database is located elsewhere. If you don't have a NSS database you can create one in current directory by \"certutil -N -d .\"
  2. Create a CSR with \"CN=${hostname},O=${realm}\", for example:
    # certutil -R -d . -a -g 2048 -s 'CN=${hostname},O=${realm}'
  3. Copy and paste the CSR (the text block which starts with \"-----BEGIN NEW CERTIFICATE REQUEST-----\" and ends with \"-----END NEW CERTIFICATE REQUEST-----\") below:
"), "restore_certificate": _("Restore Certificate for ${entity} ${primary_key}"), "restore_confirmation": _("To confirm your intention to restore this certificate, click the \"Restore\" button."), "revoke_certificate": _("Revoke Certificate for ${entity} ${primary_key}"), -- cgit