mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
certprofile: add profile format explanation
Part of: https://fedorahosted.org/freeipa/ticket/5089 Reviewed-By: Tomas Babej <tbabej@redhat.com>
This commit is contained in:
parent
5435a8a32a
commit
f6b32d8eea
@ -47,9 +47,29 @@ EXAMPLES:
|
||||
Show information about a profile:
|
||||
ipa certprofile-show ShortLivedUserCert
|
||||
|
||||
Save profile configuration to a file:
|
||||
ipa certprofile-show caIPAserviceCert --out caIPAserviceCert.cfg
|
||||
|
||||
Search for profiles that do not store certificates:
|
||||
ipa certprofile-find --store=false
|
||||
|
||||
PROFILE CONFIGURATION FORMAT:
|
||||
|
||||
The profile configuration format is the raw property-list format
|
||||
used by Dogtag Certificate System. The XML format is not supported.
|
||||
|
||||
The following restrictions apply to profiles managed by FreeIPA:
|
||||
|
||||
- When importing a profile the "profileId" field, if present, must
|
||||
match the ID given on the command line.
|
||||
|
||||
- The "classId" field must be set to "caEnrollImpl"
|
||||
|
||||
- The "auth.instance_id" field must be set to "raCertAuth"
|
||||
|
||||
- The "certReqInputImpl" input class and "certOutputImpl" output
|
||||
class must be used.
|
||||
|
||||
""")
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user