diff --git a/install/ui/src/freeipa/certificate.js b/install/ui/src/freeipa/certificate.js
index ec653a0a4..d03be2056 100755
--- a/install/ui/src/freeipa/certificate.js
+++ b/install/ui/src/freeipa/certificate.js
@@ -716,10 +716,19 @@ IPA.cert.request_action = function(spec) {
}
var request_message = text.get('@i18n:objects.cert.request_message');
+ var ext;
+ if (facet.entity.name === 'service' || facet.entity.name === 'host') {
+ ext = text.get('@i18n:objects.cert.request_message_san');
+ }
+ else {
+ ext = '';
+ }
+ request_message = request_message.replace(/\$\{san\}/g, ext);
request_message = request_message.replace(/\$\{cn_name\}/g, cn_name);
request_message = request_message.replace(/\$\{cn\}/g, cn);
request_message = request_message.replace(/\$\{realm\}/g, IPA.env.realm);
+
var dialog = IPA.cert.request_dialog({
title: title,
message: request_message,
diff --git a/install/ui/test/data/ipa_init.json b/install/ui/test/data/ipa_init.json
index 6fbf4c06d..e04e9f9b9 100644
--- a/install/ui/test/data/ipa_init.json
+++ b/install/ui/test/data/ipa_init.json
@@ -269,7 +269,8 @@
"remove_certificate_hold_simple": "Remove Certificate Hold",
"remove_certificate_hold_confirmation": "To confirm your intention to remove the certificate hold, click the \"Remove hold\" button.",
"remove_from_crl": "Remove from CRL",
- "request_message": " - Create a certificate database or use an existing one. To create a new database:
# certutil -N -d <database path> - Create a CSR with subject CN=<${cn_name}>,O=<realm>, for example:
# certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}' - Copy and paste the CSR (from -----BEGIN NEW CERTIFICATE REQUEST----- to -----END NEW CERTIFICATE REQUEST-----) into the text area below:
",
+ "request_message": " - Create a certificate database or use an existing one. To create a new database:
# certutil -N -d <database path> - Create a CSR with subject CN=<${cn_name}>,O=<realm>, for example:
# certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}'${san} - Copy and paste the CSR (from -----BEGIN NEW CERTIFICATE REQUEST----- to -----END NEW CERTIFICATE REQUEST-----) into the text area below:
",
+ "request_message_san": " -8 '${cn}'",
"requested": "Certificate requested",
"revocation_reason": "Revocation reason",
"revoke_certificate": "Revoke Certificate for ${entity} ${primary_key}",
diff --git a/ipaserver/plugins/internal.py b/ipaserver/plugins/internal.py
index 850156c34..053c47174 100644
--- a/ipaserver/plugins/internal.py
+++ b/ipaserver/plugins/internal.py
@@ -406,7 +406,8 @@ class i18n_messages(Command):
"remove_certificate_hold_simple": _("Remove Certificate Hold"),
"remove_certificate_hold_confirmation": _("To confirm your intention to remove the certificate hold, click the \"Remove hold\" button."),
"remove_from_crl": _("Remove from CRL"),
- "request_message": _(" - Create a certificate database or use an existing one. To create a new database:
# certutil -N -d <database path> - Create a CSR with subject CN=<${cn_name}>,O=<realm>, for example:
# certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}' - Copy and paste the CSR (from -----BEGIN NEW CERTIFICATE REQUEST----- to -----END NEW CERTIFICATE REQUEST-----) into the text area below:
"),
+ "request_message": _(" - Create a certificate database or use an existing one. To create a new database:
# certutil -N -d <database path> - Create a CSR with subject CN=<${cn_name}>,O=<realm>, for example:
# certutil -R -d <database path> -a -g <key size> -s 'CN=${cn},O=${realm}'${san} - Copy and paste the CSR (from -----BEGIN NEW CERTIFICATE REQUEST----- to -----END NEW CERTIFICATE REQUEST-----) into the text area below:
"),
+ "request_message_san": _(" -8 '${cn}'"),
"requested": _("Certificate requested"),
"revocation_reason": _("Revocation reason"),
"revoke_certificate": _("Revoke Certificate for ${entity} ${primary_key}"),