[WISHLIST] User Certificates DN should be configurable
Bug #553942 reported by
Giulio Galiero
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Eucalyptus |
Confirmed
|
Wishlist
|
chris grzegorczyk | ||
Bug Description
Right now, user X.509 certificates DN is not configurable, and it appears as the following:
Subject: C=US, ST=CA, L=Santa Barbara, O=your-username, OU=Eucalyptus, CN=www.
In addition, user X.509 certificates are self-signed certificates (i.e. the issuer and the subject are the same).
It would be useful if Eucalyptus could provide a tool/interface to configure an internal CA with a configurable DN to sign user X.509 certificates, so that such user certificates could be trusted elsewhere by simply importing the CA public key.
Revision history for this message
| chris grzegorczyk (chris-grze) wrote | #1 |
| Changed in eucalyptus: | |
| assignee: | nobody → chris grzegorczyk (chris-grze) |
| status: | New → Confirmed |
| importance: | Undecided → Wishlist |
Revision history for this message
| Andy Grimm (agrimm) wrote | #2 |
To post a comment you must log in.
This will be true in future versions. Currently, it is worth noting that the user certificates are self signed (while system certificates are signed with the 'eucalyptus' key). Regardless, configuring this will be on option in the future.