[PATCH] 269 - python code for subcas
by Ade Lee
This patch provides python client code (and tests) for the subcas
feature, as based on Fraser's patches. Those need to be applied to
the server code in order for this functionality to be tested.
Right now, as per Fraser's patches, there is only support for aid,
parent_aid, dn, description. No support yet for cacert and
intermediates, or for status.
The patch does include unit tests -- which should be required from now
on for new python code -- as well as some functional test code - which
can later be moved into a functional test framework.
Please review.
Ade
8 years, 7 months
[PATCH] 643 Fixed pkidbuser group memberships.
by Endi Sukma Dewata
Due to a certificate mapping issue the subsystem certificate can
be mapped into either the subsystem user or pkidbuser, which may
cause problems since the users don't belong to the same groups.
As a temporary solution the pkidbuser is now added into the same
groups. This way the client subsystem can always access the
services regardless of which user the certificate is actually
mapped to.
https://fedorahosted.org/pki/ticket/1595
--
Endi S. Dewata
8 years, 7 months
Dogtag 10.1 API
by Lan Chen
Hi All,
Is there good documentation on Dogtag 10.1 API somewhere?
Lan
----- Original Message -----
From: "Ryan Murray" <rmurray(a)stonedoorgroup.com>
To: "Lan Chen" <lachen(a)redhat.com>
Sent: Wednesday, September 2, 2015 9:53:09 AM
Subject: Re: Dogtag 10.1
There is a massive difference between the API's, I checked before raising the concern. By massive I mean they are all different.
Example:
10.1
Noun=certs
10.2
Noun=certificates
None of the other nouns are working as documented by 10.2.
On Sep 2, 2015 9:50 AM, "Lan Chen" < lachen(a)redhat.com > wrote:
Ryan, I just checked with Paul, we need it installed on RHEL. Could you see if the APIs documented for 10.2 also works for 10.1, there shouldn't be too big of a difference between the versions.
From: "Ryan Murray" < rmurray(a)stonedoorgroup.com >
To: "Lan Chen" < lachen(a)redhat.com >
Sent: Wednesday, September 2, 2015 9:38:25 AM
Subject: Re: Dogtag 10.1
The packages are not avaliable to the RHEL 7 channels or EPEL channels. From a technical standpoint I would need to spend time getting the exact limitations, but as it stands I would have to install tons of fedora packages or compile from source to get 10.2 running on RHEL.
On Wednesday, September 2, 2015, Lan Chen < lachen(a)redhat.com > wrote:
<blockquote>
I meant why can't 10.2 be on RHEL, and need to be on Fedora?
From: "Ryan Murray" < rmurray(a)stonedoorgroup.com >
To: "Lan Chen" < lachen(a)redhat.com >
Sent: Wednesday, September 2, 2015 9:33:08 AM
Subject: Re: Dogtag 10.1
There is no issue with the install, that was done Monday night. The issue is with the API not being documented. The client had to use fedora in all of their tests due to the newer 10.2 version and better API.
On Wednesday, September 2, 2015, Lan Chen < lachen(a)redhat.com > wrote:
<blockquote>
What's the issue on installing Dogtag 10.2 on RHEL?
From: "Ryan Murray" < rmurray(a)stonedoorgroup.com >
To: "Lan Chen" < lachen(a)redhat.com >
Sent: Wednesday, September 2, 2015 8:02:27 AM
Subject: Dogtag 10.1
Hi Lan,
Could you please see if there is anyone at Red Hat technical that would have any documentation on the dog tag 10.1 API? It is not documented online that I can find. Hunting through source code to find undocumented API calls is a stretch on the SOW, and installing Fedora is a change to needs Red Hat's OK.
Thanks
</blockquote>
</blockquote>
8 years, 7 months