I have attached a revised patch which includes the code from your original patch + the stuff that we worked on together + my most recent attempt at the new add_attributes() method.

ACK on your original code and the code that we worked on together.

Please review the code in UpdateDomainXML.java that was discussed earlier.

Thanks,
-- Matt

On 07/10/13 13:26, Ade Lee wrote:

Opps - bug this time too:
https://bugzilla.redhat.com/show_bug.cgi?id=982320

On Wed, 2013-07-10 at 16:25 -0400, Ade Lee wrote:

This is in response to

Basically, there are two issues.

1. We want to use the selected CA to generate the SSL server cert.  In
the code though, for a clone, the code that sets the relevant preop
parameter used to determine the right CA to go to - is only run after we
issue the sslserver cert request.  That means it always goes to the
security domain CA.  This code is now reversed.

2. Due to a DS bug (which has been fixed), the attributes on the
pkiSubsystem entry in the clone CA security domain database we in lower
case, rather than the existing case.  Thats actually ok from an ldap
point of view.  We create some XML from those attributes -- just in
case, we should make the XML matches in this case case insensitive.

Please review.

Thanks,
Ade

_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel