After Enabling UserDirEnrollment Authentication Plugin , There is no xml tag to specify username and password in the xml request for caDirUserCert profile
Versions:
pki-ca-10.2.0-0.1.20140311T0344zgitb944d31.fc20.noarch pki-tools-10.2.0-0.1.20140311T0344zgitb944d31.fc20.x86_64
Downlad the profile xml using the below command
$ pki -d /opt/rhqa_pki/certs_db -n "PKI Administrator for lab.eng.pnq.redhat.com" -c redhat123 ca-cert-request-profile-show caDirUserCert --output caDirUserCert.xml
Edit caDirUserCert.xml , i see the below details:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <CertEnrollmentRequest> <ProfileID>caDirUserCert</ProfileID> <Renewal>false</Renewal> <SerialNumber></SerialNumber> <RemoteHost></RemoteHost> <RemoteAddress></RemoteAddress> <Input id="i1"> <ClassID>keyGenInputImpl</ClassID> <Name>Key Generation</Name> <Attribute name="cert_request_type"> <Value></Value> <Descriptor> <Syntax>keygen_request_type</Syntax> <Description>Key Generation Request Type</Description> </Descriptor> </Attribute> <Attribute name="cert_request"> <Value></Value> <Descriptor> <Syntax>keygen_request</Syntax> <Description>Key Generation Request</Description> </Descriptor> </Attribute> </Input> </CertEnrollmentRequest>
How do we specify the ldap username and password from the ldapbasedn configured for UserDirEnrollment ?
Moving to 10.3. We will not support using the REST enrollment interface with external auth plug-ins in 10.2.
Closed as duplicate of PKI TRAC Ticket #1463 - pki cli client-cert-request should support dir based auth
Metadata Update from @mrniranjan: - Issue set to the milestone: 10.3.0
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1471
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.