freeipa

Clone
Source Code
GIT

Commits 137

ipa-1-0 ipa-1-1 ipa-1-2 ipa-2-0 ipa-2-1 ipa-2-2 ipa-3-0 ipa-3-1 ipa-3-2 ipa-3-3 ipa-4-0 ipa-4-1 ipa-4-10 ipa-4-10-CVE-2023-5455 ipa-4-11 ipa-4-11-CVE-2023-5455 ipa-4-11-CVE-2024-2698-and-CVE-2024-3183 ipa-4-12 ipa-4-12-CVE-2024-11029 ipa-4-12-CVE-2024-2698-and-CVE-2024-3183 ipa-4-2 ipa-4-3 ipa-4-4 ipa-4-5 ipa-4-6 ipa-4-6-CVE-2019-10195-and-CVE-2019-14867 ipa-4-6-CVE-2020-10747 ipa-4-6-CVE-2023-5455 ipa-4-7 ipa-4-7-CVE-2019-10195-and-CVE-2019-14867 ipa-4-8 ipa-4-8-CVE-2019-10195-and-CVE-2019-14867 ipa-4-8-CVE-2020-10747 ipa-4-9 ipa-4-9-CVE-2023-5455 master webui-cleanup
Fix reference before assignment
Fraser Tweedale • 8 years ago  
924794f
private_ccache: yield ccache name
Fraser Tweedale • 8 years ago  
caca181
Add sanity checks for use of --ca-subject and --subject-base
Fraser Tweedale • 8 years ago  
0c95a00
Indicate that ca subject / subject base uses LDAP RDN order
Fraser Tweedale • 8 years ago  
3f56609
Allow full customisability of IPA CA subject DN
Fraser Tweedale • 8 years ago  
3d01ec1
Reuse self.api when executing ca_enabled_check
Fraser Tweedale • 8 years ago  
09a65df
dsinstance: extract function for writing certmap.conf
Fraser Tweedale • 8 years ago  
f54df62
ipa-ca-install: add missing --subject-base option
Fraser Tweedale • 8 years ago  
46bf0e8
Extract function for computing default subject base
Fraser Tweedale • 8 years ago  
6f3eb85
installer: rename --subject to --subject-base
Fraser Tweedale • 8 years ago  
c6db493
installutils: remove hardcoded subject DN assumption
Fraser Tweedale • 8 years ago  
db66740
Refactor and relocate set_subject_base_in_config
Fraser Tweedale • 8 years ago  
324183c
dsinstance: minor string fixes
Fraser Tweedale • 8 years ago  
a5fb5f2
Set up DS TLS on replica in CA-less topology
Fraser Tweedale • 8 years ago  
6f7d982
Remove "Request Certificate with SubjectAltName" permission
Fraser Tweedale • 8 years ago  
bdbb1c3
Fix DL1 replica installation in CA-less topology
Fraser Tweedale • 8 years ago  
4028ad7
certprofile-mod: correctly authorise config update
Fraser Tweedale • 8 years ago  
fec4c32
Fix regression in test suite
Fraser Tweedale • 8 years ago  
74b8cf2
Add options to write lightweight CA cert or chain to file
Fraser Tweedale • 8 years ago  
32b1743
certdb: accumulate extracted certs as list of PEMs
Fraser Tweedale • 8 years ago  
cc5b88e
Add function for extracting PEM certs from PKCS #7
Fraser Tweedale • 8 years ago  
c7ea56c
cert-request: match names against principal aliases
Fraser Tweedale • 8 years ago  
dfbdb53
Remove references to ds_newinst.pl
Fraser Tweedale • 8 years ago  
687ebd1
cert-request: accept CSRs with extraneous data
Fraser Tweedale • 8 years ago  
e1df2e0
Ensure correct IPA CA nickname in DS and HTTP NSSDBs
Fraser Tweedale • 8 years ago  
cdd41e0
Remove __main__ code from ipalib.x509 and ipalib.pkcs10
Fraser Tweedale • 8 years ago  
b0430b6
x509: use python-cryptography to process certs
Fraser Tweedale • 8 years ago  
db116f7
x509: use pyasn1-modules X.509 specs
Fraser Tweedale • 8 years ago  
c57dc89
x509: avoid use of nss.data_to_hex
Fraser Tweedale • 8 years ago  
44c2d68
pkcs10: remove pyasn1 PKCS #10 spec
Fraser Tweedale • 8 years ago  
8548728
pkcs10: use python-cryptography for CSR processing
Fraser Tweedale • 8 years ago  
66637f7
dn: support conversion from python-cryptography Name
Fraser Tweedale • 8 years ago  
9522970
cert-show: show validity in default output
Fraser Tweedale • 8 years ago  
b6a3c9d
Do not create Object Signing certificate
Fraser Tweedale • 8 years ago  
eb6bfd8
Add commentary about CA deletion to plugin doc
Fraser Tweedale • 8 years ago  
2b8163a
spec: require Dogtag >= 10.3.5-6
Fraser Tweedale • 8 years ago  
6b3f498
sudorule: add SELinux transition examples to plugin doc
Fraser Tweedale • 8 years ago  
ff490b6
Fix cert revocation when removing all certs via host/service-mod
Fraser Tweedale • 8 years ago  
97d4ffc
cert-request: raise error when request fails
Fraser Tweedale • 8 years ago  
1f1c93d
Make host/service cert revocation aware of lightweight CAs
Fraser Tweedale • 8 years ago  
daeaf2a
cert-request: raise CertificateOperationError if CA disabled
Fraser Tweedale • 8 years ago  
520ad7d
Use Dogtag REST API for certificate requests
Fraser Tweedale • 8 years ago  
4c35afc
Add HTTPRequestError class
Fraser Tweedale • 8 years ago  
c5cbc8d
Allow Dogtag RestClient to perform requests without logging in
Fraser Tweedale • 8 years ago  
2a42a7e
Add ca-disable and ca-enable commands
Fraser Tweedale • 8 years ago  
c7e0dbc
Track lightweight CAs on replica installation
Fraser Tweedale • 8 years ago  
08b7683
cert-show: show subject alternative names
Fraser Tweedale • 8 years ago  
48aaf2b
x509: include otherName DER value in GeneralNameInfo
Fraser Tweedale • 8 years ago  
a381d88
x509: use NSS enums and OIDs to identify SAN types
Fraser Tweedale • 8 years ago  
e3acc36
x509: fix SAN directoryName parsing
Fraser Tweedale • 8 years ago  
dae82b2
Move GeneralName parsing code to ipalib.x509
Fraser Tweedale • 8 years ago  
0245d2a
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.