bsmejkal / 389-ds-base

Forked from 389-ds-base 5 years ago
Clone
Source Code
GIT

aca3ae8 Issue 50952- SSCA lacks basicConstraint:CA

Authored and Committed by mhonek 4 years ago
raw patch tree parent
1 file changed. 4 lines added. 2 lines removed.
src/lib389/lib389/nss_ssl.py
file modified
+4 -2 
    Issue 50952- SSCA lacks basicConstraint:CA
    
    Bug Description:
    SSCA CA cert lacks basicConstraint:CA and for that reason it may not be
    acknowledged as a CA cert by some tools, e.g. in case of system-wide
    update-ca-trust tool.
    
    Fix Description:
    Add the constraint while generating the cert. And yes, we need to use stdin
    since certutil does not provide a silent mode for this option.
    
    Fixes https://pagure.io/389-ds-base/issue/50952
    
    Author: Matus Honek <mhonek@redhat.com>
    
    Review by: Mark, William (thanks!)
file modified
+4 -2
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.