Luke Schierer wrote:
On Tue, May 18, 2010 at 07:44:23PM -0600, Rich Megginson wrote:
> Luke Schierer wrote:
>
>> Hi all,
>>
>> I have been using fedora directory server/389 directory server for a
>> couple years now with out any real issues, so I want to start off by
>> thanking all of the developers for the hours they put into making it
>> available to us.
>>
>> Lately I have had the need to look at storeing x509 certificates in my
>> LDAP directory, to make them available to an application we use.
>> Looking at the documentation available on the website, it appears that
>> the usercertificate attribute either used to be a binary attribute, or
>> that there is a way to make it a binary attribute that I am not
>> seeing.
>>
>>
> It is and always has been a binary attribute. What documentation on the
> website leads you to think otherwise? We need to fix it.
>
>> If the former, that it was but is no longer a binary attribute, it
>> appears to me that the 389-console cannot handle the PEM formatted
>> certificates, once one is added, I can no longer select that attribute
>> to manipulate either it, or the certificate it contains.
>>
>>
> Sounds like a bug.
>
>> If the latter, that it can be changed to be binary, I would greatly
>> appreciate a pointer on how to do so.
>>
>> Hopefully someone who has worked with certificates in 389-ds can give
>> me some pointers either way, so that I can either submit a bug report,
>> or find the right docs to be reading. Any help would be greatly
>> appreciated.
>>
The docs do say that it is a binary attribute, but they say that in
the 389-console that it should have a button to select the file to
upload. Instead, it has a text box. That is what confuses me.
Should I put the filename in that text box?
No, I think the text box is for the base64 encoded (i.e. PEM) cert data.
Thanks!!
Luke
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users