[Freeipa-devel] [freeipa PR#5495][opened] Ensure that KDC cert has SAN DNS entry

URL: https://github.com/freeipa/freeipa/pull/5495 Author: tiran Title: #5495: Ensure that KDC cert has SAN DNS entry Action: opened PR body: """ The dns parameter of request_and_wait_for_cert() must be a string of hostnames. * Enforce list/tuple type so that API misuse no longer passes silently. * Add commonNameToSANDefaultImpl to KDCs_PKINIT_Certs profile * Explicitly pass hostname for service certs Fixes: https://pagure.io/freeipa/issue/8685 Signed-off-by: Christian Heimes <cheimes(a)redhat.com&gt; """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5495/head:pr5495 git checkout pr5495