mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
1d80048e05
The Dogtag KRA backend now uses CryptographyCryptoProvider instead of NSSCryptoProvider for KRAClient connections. The CryptographyCryptoProvider uses PyCA cryptography to provide wrapping and unwrapping. The change will allow Dogtag to remove the NSSCryptoProvider and drop python-nss as a dependency. The code in ipaserver.plugins.dogtag creates a Certificate object to work around a bug in Dogtag. Dogtag supports paths but passes the wrong type to PyCA cryptography. Fixes: https://pagure.io/freeipa/issue/8814 See: https://github.com/dogtagpki/pki/issues/3499 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>