Kojiweb allows clients to authenticate with the browser, using a pkcs12 file.
koji-ssl-admin will generate a private key and public cert in two PEM-formatted files (kdreyer.key and kdreyer.crt), but it does not currently generate a pkcs12 file with that key material.
koji-ssl-admin
kdreyer.key
kdreyer.crt
The CLI command to generate a pkcs12 file is like so:
openssl pkcs12 -export -inkey kdreyer.key -in kdreyer.crt -CAfile koji-ca.crt -out kdreyer_browser_cert.p12
We should be able to do this with python-cryptography instead when we do koji-ssl-admin sign kdreyer.csr.
koji-ssl-admin sign kdreyer.csr
This PR implements this: https://pagure.io/koji-tools/pull-request/23
#23 is merged now.
Metadata Update from @ktdreyer: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.