Menu
▾
▴
Re: [Ejbca-develop] Domain Controller cert req format?
|
From: Tomas G. <to...@pr...> - 2013-05-02 15:42:46
|
Hi, This sounds awesome! If you get it working we will really like an updated guide for that. Attributes in the certificate request should not be needed. EJBCA by default uses the information registered when you create the end entity in EJBCA, and ignores the user supplied attributes in the request (they may be dangerous, the user probably knows nothing about PKI). The certificate request is fully valid without any extra attributes. Cheers, Tomas On 05/01/2013 07:49 PM, Gémes Géza wrote: > Hi, > > I'm working on an addendum to the smart card logon howto > (http://download.primekey.se/ejbca/smartcardlogon/) in order to make an > equivalent (the Windows dc part) for a Samba Active Directory DC. As > samba already has python interfaces I've decided to try to code the > whole in python. As the ssl library I've choose M2Crypto. The attached > python script produces a similar request (attached) as the vbscript > attached to the howto, but it misses to add any attributes. The question > is are they needed, is the certificate request valid without? > > Cheers > > Geza Gemes > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
