There's no way to create a private key and a CSR with dsconf/Cockpit. However, features for importing a certificate exists, but DS also requires the private key in the NSS database to use the certificate.
389-ds-base-1.4.1.6-2.module+el8dsrv+3912+aa2ce078.x86_64
Users must create the private key and then the CSR with certutil in DS's NSS database (same as in the past). Then the CSR can be used to request a certificate from the CA and, later, the certificate can be imported with dsconf/Cockpit.
Metadata Update from @mhonek: - Custom field origin adjusted to None - Custom field reviewstatus adjusted to None - Issue tagged with: CLI, Security
Another (related) missing feature is adding a CRL to the NSS database.
Yeah, I always wanted dsconf to have the private key handling available, but I think it was implemented differently with the webui. Anyway, this would be good to have.
@mhonek I think we may want a seperate issue for CRL handling?
Metadata Update from @mreynolds: - Issue set to the milestone: 1.4.0
Metadata Update from @mreynolds: - Issue priority set to: normal - Issue set to the milestone: 1.4.1 (was: 1.4.0)
Metadata Update from @mreynolds: - Issue set to the milestone: 1.4.3 (was: 1.4.1)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/3604
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.