On Tue, May 18, 2010 at 07:44:23PM -0600, Rich Megginson wrote:
Luke Schierer wrote:
> Hi all,
>
> I have been using fedora directory server/389 directory server for a
> couple years now with out any real issues, so I want to start off by
> thanking all of the developers for the hours they put into making it
> available to us.
>
> Lately I have had the need to look at storeing x509 certificates in my
> LDAP directory, to make them available to an application we use.
> Looking at the documentation available on the website, it appears that
> the usercertificate attribute either used to be a binary attribute, or
> that there is a way to make it a binary attribute that I am not
> seeing.
>
It is and always has been a binary attribute. What documentation on the
website leads you to think otherwise? We need to fix it.
> If the former, that it was but is no longer a binary attribute, it
> appears to me that the 389-console cannot handle the PEM formatted
> certificates, once one is added, I can no longer select that attribute
> to manipulate either it, or the certificate it contains.
>
Sounds like a bug.
> If the latter, that it can be changed to be binary, I would greatly
> appreciate a pointer on how to do so.
>
> Hopefully someone who has worked with certificates in 389-ds can give
> me some pointers either way, so that I can either submit a bug report,
> or find the right docs to be reading. Any help would be greatly
> appreciated.
The docs do say that it is a binary attribute, but they say that in
the 389-console that it should have a button to select the file to
upload. Instead, it has a text box. That is what confuses me.
Should I put the filename in that text box?
Thanks!!
Luke