IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-27 09:21:59 -06:00
Code Issues Packages Projects Releases Wiki Activity
b12db92414
freeipa/ipaserver
History
Fraser Tweedale b12db92414 Create server and host certs with DNS altname 
Currently server (HTTP / LDAP) certs are created without a Subject
Alternative Name extension during server install, replica prepare
and host enrolment, a potentially problematic violation of RFC 2818.

Add the hostname as a SAN dNSName when these certs are created.

(Certmonger adds an appropriate request extension when renewing the
certificate, so nothing needs to be done for renewal).

Fixes: https://fedorahosted.org/freeipa/ticket/4970
Reviewed-By: Petr Spacek <pspacek@redhat.com>
2016-07-19 14:18:04 +02:00
..
advise ipa-advise: correct handling of plugin namespace iteration 2016-07-12 11:02:52 +02:00
install Create server and host certs with DNS altname 2016-07-19 14:18:04 +02:00
plugins schema: Fix subtopic -> topic mapping 2016-07-15 14:02:17 +02:00
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
dcerpc.py session: move the session module from ipalib to ipaserver 2016-06-30 14:09:24 +02:00
dns_data_management.py DNS Locations: cleanup of bininstance 2016-06-28 15:23:51 +02:00
rpcserver.py server: exclude Local commands from RPC 2016-06-30 16:32:20 +02:00
servroles.py Introduce "NTP server" role 2016-06-15 13:51:48 +02:00
session.py session: do not initialize session manager on import 2016-06-30 14:09:24 +02:00
topology.py Fix topologysuffix-verify failing connections 2016-06-24 13:32:02 +02:00