Account.enroll_certificate() assumes that userCertificate can be added only to nsAccount and does a check for DS version where this objectClass was introduced. But userCertificate is a valid attribute for inetOrgPerson objectClass too. And enroll_certificate() can be used with this objectClass.
Account.enroll_certificate()
userCertificate
nsAccount
inetOrgPerson
enroll_certificate()
Instead of relying on a DS version we should trust the server to add or reject an invalid attribute.
Commit 71cf23c fixes this issue
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/3829
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.