Menu
▾
▴
Re: [Ejbca-develop] Delegation with Administrator Roles
|
From: Tomas G. <to...@pr...> - 2014-11-11 12:04:39
|
An ra admin can issue certificates for the CAs and profiles he have access to, not others. "Michael Ströder" <mi...@st...> skrev: (11 november 2014 10:00:01 CET) >Tomas Gustavsson wrote: >> One important thing in profiles are how "available CAs" and >"available >> profiles" are selected. An administrator does not have access to a >> profile if he/she does not have access to all selected "available" >CAs >> and profiles. > >Now the interesting question is what "have access" really means (see my >own >follow-up). Obviously the RA admin of another sub CA should not be able >to let >the admin CA issue arbitrary certs. > >Ciao, Michael. > > > >------------------------------------------------------------------------ > >------------------------------------------------------------------------------ >Comprehensive Server Monitoring with Site24x7. >Monitor 10 servers for $9/Month. >Get alerted through email, SMS, voice calls or mobile push >notifications. >Take corrective actions from your mobile device. >http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk > >------------------------------------------------------------------------ > >_______________________________________________ >Ejbca-develop mailing list >Ejb...@li... >https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
