freeipa

Clone
Source Code
GIT

3ecea78 Configure PKI AJP Secret with 256-bit secret

3 files Authored by cipherboy 3 years ago, Committed by cheimes 3 years ago,
raw patch tree parent
3 files changed. 6 lines added. 1 lines removed.
install/share/ipaca_customize.ini
file modified
+1 -0
install/share/ipaca_default.ini
file modified
+2 -0
ipaserver/install/dogtaginstance.py
file modified
+3 -1 
    Configure PKI AJP Secret with 256-bit secret
    
    By default, PKI's AJP secret is generated as a 75-bit password. By
    generating it in IPA, we can guarantee the strength of the AJP secret.
    It makes sense to use a stronger AJP secret because it typically
    isn't rotated; access to AJP allows an attacker to impersonate an admin
    while talking to PKI.
    
    Fixes: https://pagure.io/freeipa/issue/8372
    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1849146
    Related: https://bugzilla.redhat.com/show_bug.cgi?id=1845447
    Related: https://github.com/dogtagpki/pki/pull/437
    
    Signed-off-by: Alexander Scheel <ascheel@redhat.com>
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
file modified
+1 -0
file modified
+2 -0
file modified
+3 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.