stlaz
2017-04-26 06:35:58 UTC
URL: https://github.com/freeipa/freeipa/pull/733
Author: stlaz
Title: #733: [4.5] Fix CA/server cert validation in FIPS
Action: opened
PR body:
"""
In FIPS, the NSS library needs to be passed passwords to perform
certificate validation. Should we not have passed it and the NSS
guys have not fixed this yet, we would get SEC_ERROR_BAD_SIGNATURE
which is completely different error than one would expect but
that's just how things are with NSS right now.
https://pagure.io/freeipa/issue/6897
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/733/head:pr733
git checkout pr733
Author: stlaz
Title: #733: [4.5] Fix CA/server cert validation in FIPS
Action: opened
PR body:
"""
In FIPS, the NSS library needs to be passed passwords to perform
certificate validation. Should we not have passed it and the NSS
guys have not fixed this yet, we would get SEC_ERROR_BAD_SIGNATURE
which is completely different error than one would expect but
that's just how things are with NSS right now.
https://pagure.io/freeipa/issue/6897
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/733/head:pr733
git checkout pr733