Sunday, October 24, 2021

[389-users] Re: Search directory for userCertificate by fingerprint?

> On 22 Oct 2021, at 21:44, Graham Leggett <minfrin@sharp.fm> wrote:
>
> Hi all,
>
> (This is very tricky to google)
>
> Is there a mechanism by which it is possible, given the hash of a userCertificate, to search for userCertificates in a 389ds directory?
>
> Something like this:
>
> (userCertificate=sha256:0a:f0…)
>
> Obviously I can preprocess the directory and store the hash beside the certificate, however there does not seem to be a sensible attribute for that.
>
> Is this possible?


It's not possible today, you'll likely need to extend schema to add something that can store the hash. But keeping them insync then becomes the next challenge ...

>
> Regards,
> Graham
> —
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
> Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

--
Sincerely,

William Brown

Senior Software Engineer, Identity and Access Management
SUSE Labs, Australia

_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

No comments:

Post a Comment