On Thu, Mar 05, 2020 at 07:16:45AM -0000, Hristina Marosevic wrote:
Hello,
By using ldapmodify command and ldif file as input.
# ldif file: dn: uid=32000000001,<users_branch,suffix> changetype: modify add: userCertificate;binary userCertificate;binary: MIIGMTCCBBmgAwIBAgIUfYWZ212wMteK0jjnnXd6dqlqkIkwDQYJKoZIhvcNAQELBQAwLTELMAkGA1UEBhMCS1oxHjAcBgNVBAMMFdKw0JrQniAzLjAgKFJTQSBURVNUKTAeFw0xOTA0MDQwODU0NTRaFw0yMTA0MDMwODU0NTRaMIGvMSIwIAYDVQQDDBnQotCV0KHQotCi0J7QkiDQotCV0KHQotCiMRcwFQYDVQQEDA7QotCV0KHQotCi0J7QkjEYMBYGA1UEBRMPSUlOMTIzNDU2Nzg5MDEyMQswCQYDVQQGEwJLWjEVMBMGA1UEBwwM0JDQodCi0JDQndCQMRUwEwYDVQQIDAzQkNCh0KLQkNCd0JAxGzAZBgNVBCoMEtCi0JXQodCi0KLQntCS0JjQpzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI9kXtq5MjdOP+6uelfthsbeOFCrjPQdypbwkDgIoas054FJvKHgfX9apVHvbMrNK7/atFMbfrv1gxbLqFkHPs5/u2dDo4GWZmYDHIWSRRTVlVEoVHJVYHOZPxio6N611pgSvh/1yM5XbYRK08kKF5mbLIxEw62VMDfZ1DutYEtyOmQsVBmEiducfklQQS6JVMpdnnENHOksJU3H9UXIvEeA+N+/SZY4ane1UIFFieZb/zak5y9gZC1Iluwv0vIiy4lZU3MlZBra/iCs1/c4K5Y7rAiI9olydg229G00cK17E+JwnuJoKaCPGBaxQoLJpUgU2f5JOBHzXOXn2WuZ8MMCAwEAAaOCAcQwggHAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKoMOAwMEAQEwHwYDVR0jBBgwFoAUpowWM3y46DVnBj5eQVdVoq80UGgwHQYDVR0OBBYEFLoJ735qnU1Q4y8AEtPdJI2lqQVfMF4GA1UdIARXMF UwUwYHKoMOAwMCBDBIMCEGCCsGAQUFBwIBFhVodHRwOi8vcGtpLmdvdi5rei9jcHMwIwYIKwYBBQUHAgIwFwwVaHR0cDovL3BraS5nb3Yua3ovY3BzMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly90ZXN0LnBraS5nb3Yua3ovY3JsL25jYV9yc2FfdGVzdC5jcmwwPgYDVR0uBDcwNTAzoDGgL4YtaHR0cDovL3Rlc3QucGtpLmdvdi5rei9jcmwvbmNhX2RfcnNhX3Rlc3QuY3JsMHEGCCsGAQUFBwEBBGUwYzA4BggrBgEFBQcwAoYsaHR0cDovL3Rlc3QucGtpLmdvdi5rei9jZXJ0L25jYV9yc2FfdGVzdC5jZXIwJwYIKwYBBQUHMAGGG2h0dHA6Ly90ZXN0LnBraS5nb3Yua3ovb2NzcDANBgkqhkiG9w0BAQsFAAOCAgEACnYpytjbyuV3sRojnlyxEC7HG7BgcDDy6rS/kfOtK6X5+MGCT/zvwksZOumN5Jg5TPdJuKt3ebKJGIBVr474mHFk7Nq0F8WxuAWNffjoL0Lvcuon4Zwq/W8h4t6PYutD4NEauIPEa8X8BGPgMn+YqOc3sfEruXh8rmcSJ/zuT7uw1wD6ZQlNsniioengKIgapDVDHuzoV/r//rEANwIpntAyjXFh+fjx+CDCx2sLxYjlVgyxNzT53mD6ZqsMlg6NrajJe/GvS0A38jKNyxW/DPX06NToWP/hu7M4P2/WiskjKVgOxqQcc4yzTfKV41DmEmGGC7sT1r3YeZ4dH/KQRpjowBOSKmUZq4/XR0yXXhpTDtiiRwXkQgM1p4SKE19bBqGuc76lDgmffPPPj4B+3HZqaprIIDG3YA3/W4rwUoWBQPGGCXpOBvGEQptEHItx4YiEZTQuvdCtlW585kUyol39sKv2uIo/FgycBd8NufOInGCLUgpZec4zVLZN9Shj+M20BMUh+SiGoL/kJAi2XdM 922U3po9a2FbULvJfOlsFY2Z6n+TUZZVXBCUIEE6Ek4tTIGjHWj7uQVGLjw0PcHf11CtrMZO7Y+OTBb/Y0oyUY9JOyzSqhj4rt4nNkzR1vMGVYMNISoXbDgYBaAKuv2oSpG6yQdlufS8M/YWxAWw=
Hi,
you have to load it as a binary. For this frist convert your certificate into DER format with
openssl x509 -in my_cert.cer -outform der -out my_cert.der
and then the ldif should look like
# ldif file: dn: uid=32000000001,<users_branch,suffix> changetype: modify add: userCertificate;binary userCertificate;binary:< file:///path/to/my_cert.der
(see man ldapmodify for details about the file syntax).
bye, Sumit
BR, Hristina _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o...