#5173 After custom user certificate is added via ipa user-add-cert, WebUI still shows No Valid Certificate
Closed: Fixed None Opened 8 years ago by adelton.

I need to assign custom certificate to users.

So I do

# ipa user-add-cert --certificate="$(cat -)" david

and paste the base64 content of client.crt.

The

# ipa user-find --all --raw david | grep userCertificate

shows the certificate is there

userCertificate;binary: MIICrzCCAZeg[... truncated ...]EeI5/ug==

Yet when I refresh the WebUI, looking at the david user, the field

Certificate

still says

No Valid Certificate

This is with ipa-server-4.2.0-3.el7.x86_64.


Things work when I add the certificate using ldapmodify with

changetype: modify
add: usercertificate
usercertificate:< file:client.der

The difference is that the attribute is {{{userCertificate}}}, not {{{userCertificate;binary}}}.

master:

  • 3257ac6 store certificates issued for user entries as userCertificate;binary

ipa-4-2:

  • 8b3ed42 store certificates issued for user entries as userCertificate;binary

Metadata Update from @adelton:
- Issue assigned to mbabinsk
- Issue set to the milestone: FreeIPA 4.2.1

7 years ago

Login to comment on this ticket.

Metadata