#6824 Add workaround for pki_pin for FIPS
Closed: fixed 7 years ago Opened 7 years ago by stlaz.

Dogtag is unable to create a strong-enough PIN in FIPS (https://pagure.io/dogtagpki/issue/2556 - they only use some numbers) to be used to create an NSS database.
Add a workaround setting pki_pin to a random value we can generate by ipautil.ipa_generate_password().


Metadata Update from @stlaz:
- Issue assigned to stlaz

7 years ago

Metadata Update from @stlaz:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/663

7 years ago

Metadata Update from @pvoborni:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1436657

7 years ago

Metadata Update from @pvoborni:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1436657

7 years ago

ipa-4-5:

  • 39eac72 Generate PIN for PKI to help Dogtag in FIPS

master:

  • e204d03 Generate PIN for PKI to help Dogtag in FIPS

Metadata Update from @tkrizek:
- Issue close_status updated to: fixed
- Issue priority set to: 2
- Issue set to the milestone: FreeIPA 4.5.1
- Issue status updated to: Closed (was: Open)

7 years ago

Log in to comment on this ticket.

Metadata