Commit - 389-ds-base - d214765932c9c701ea03e6663b03419b96426337

mreynolds / 389-ds-base

Forked from 389-ds-base 6 years ago

Source
Stats

The permissions on this repository are being updated. This may take a while. During this time, you or some of the project's contributors may not be able to push to this repository.

`d214765` Ticket 49650 - lib389 enable_tls doesn't work on F28

1 file Authored by mhonek 5 years ago, Committed by spichugi 5 years ago,

raw patch tree parent

1 file changed. 2 lines added. 0 lines removed.

src/lib389/lib389/nss_ssl.py

file modified

+2 -0

    Ticket 49650 - lib389 enable_tls doesn't work on F28
    
    Bug Description: In the lib389 we have the method inst.enable_tls().
    It creates certificates and sets up the server for TLS communication.
    It works on F27 built from master branch and doesn't work on F28.
    It happens because on F28 openssl fails to verify the certificate.
    
    Fix Description: We should create CA with an appropriate flag.
    It can be done by setting an X.509 V3 Certificate Type Extension
    in the certificate to 'certSigning' value.
    
    https://pagure.io/389-ds-base/issue/49650
    
    Author: mhonek
    
    Review by: spichugi, wibrown (Thanks!)