Use pyasn1-based PKCS#10 and X509v3 parsers instead of pyOpenSSL.

The pyOpenSSL PKCS#10 parser doesn't support attributes so we can't identify
requests with subject alt names.

Subject alt names are only allowed if:
  - the host for the alt name exists in IPA
  - if binding as host principal, the host is in the service's managedBy attr

Rob Crittenden
2009-11-24 16:07:44 -05:00
committed by Jason Gerard DeRose
parent 7c2c2d6130
commit ab1667f3c1
11 changed files with 984 additions and 33 deletions

@@ -787,6 +787,10 @@ def main():
service.print_msg("restarting the KDC")
krb.restart()
# Restart httpd to pick up the new IPA configuration
service.print_msg("restarting the web server")
http.restart()
# Create a BIND instance
bind = bindinstance.BindInstance(fstore, dm_password)
bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders)
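Review bot: The web server restart in main() (the "# Restart httpd to pick up the new IPA configuration" comment, the print_msg call and `http.restart()`, sitting between `krb.restart()` and the BIND setup) is not mentioned in the commit message, which only describes the pyasn1 PKCS#10/X509v3 parser switch and the subject alt name rules. Please either state in the message which configuration change httpd has to pick up at this point in the installer, or move the restart into its own commit so it can be reviewed and reverted separately. Since `bind.setup(...)` runs after the restart, it is also worth confirming that nothing written during BIND setup requires httpd to be restarted again.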