freeipa

Clone
Source Code
GIT

13917dd certdb: validate server cert signature

Authored and Committed by cheimes 5 years ago
raw patch tree parent
1 file changed. 9 lines added. 2 lines removed.
ipapython/certdb.py
file modified
+9 -2 
    certdb: validate server cert signature
    
    PR https://github.com/freeipa/freeipa/pull/2554 added the '-e' option for CA
    cert validation. Let's also verify signature, key size, and signing algorithm
    of server certs. With the '-e' option, the installer and other
    tools will catch weak certs early.
    
    Fixes: pagure.io/freeipa/issue/7761
    Signed-off-by: Christian Heimes <cheimes@redhat.com>
    Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
file modified
+9 -2
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.