Reported on freeipa-users: https://www.redhat.com/archives/freeipa-users/2013-November/msg00086.html
It's possible that the root cause is something different.
FWIW I've authored a set of Python utilities to work with pem files for OpenStack. They work just fine with PEM blocks embedded with non-PEM text. I was thinking the utilities would also be useful in FreeIPA (in fact my experience in IPA is what guided the development of these utilities. I'll try to get them up in a git repo shortly and send a pointer.
Our x509.strip_header should handle them as well. I'm worried about Dogtag.
x509.strip_header
This needs more investigation though.
Not sure whether it needs to be cloned. Marking "todo" first.
Moving stabilization tickets that do not affect FreeIPA 4.0 release usability in any significant way to 4.0.1 stabilization milestone.
FreeIPA 4.0.1 was released, moving to next bugfixing release milestone.
master:
ipa-4-1:
ipa-4-0:
The change itself is in the end rather future proofing in our code, I did not see a clear reproducer - so no clone.
Metadata Update from @pviktori: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 4.0.2
Login to comment on this ticket.