mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 00:20:04 -06:00
a1f260d021
The dnssec and secrets subpackages and the p11helper module depend on ipaplatform. Move them to ipaserver as they are used only on the server. https://fedorahosted.org/freeipa/ticket/6474 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
29 lines
591 B
Plaintext
29 lines
591 B
Plaintext
[global]
|
|
server_version = "IPAKeys/0.0.1"
|
|
server_socket = $IPA_CUSTODIA_SOCKET
|
|
auditlog = $IPA_CUSTODIA_AUDIT_LOG
|
|
|
|
[auth:simple]
|
|
handler = custodia.httpd.authenticators.SimpleCredsAuth
|
|
uid = $UID
|
|
gid = $GID
|
|
|
|
[auth:header]
|
|
handler = custodia.httpd.authenticators.SimpleHeaderAuth
|
|
header = GSS_NAME
|
|
|
|
[authz:kemkeys]
|
|
handler = ipaserver.secrets.kem.IPAKEMKeys
|
|
paths = /keys
|
|
store = ipa
|
|
server_keys = $IPA_CUSTODIA_CONF_DIR/server.keys
|
|
|
|
[store:ipa]
|
|
handler = ipaserver.secrets.store.IPASecStore
|
|
ldap_uri = $LDAP_URI
|
|
|
|
[/keys]
|
|
handler = custodia.secrets.Secrets
|
|
allowed_keytypes = kem
|
|
store = ipa
|