]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d5704eb) | patch
Improve PKINIT certificate documentation
authorGreg Hudson <ghudson@mit.edu>
Fri, 6 Jun 2014 21:41:51 +0000 (17:41 -0400)
committerTom Yu <tlyu@mit.edu>
Fri, 6 Feb 2015 22:51:18 +0000 (17:51 -0500)
commit7f5e091247e242bcc3085bcffbcab6023899c59e
treec067139b40930c4e511341b7ea9ce7c5acc45225tree | snapshot
parentd5704eb864fd0ebaaf2e76cc161d930e014425fbcommit | diff
Improve PKINIT certificate documentation

Describe how to use a commercially-issued server certificate for
anonymous PKINIT.  Separate the KDC and client configuration
instructions so that the steps necessary for anonymous PKINIT are not
combined with the additional steps necessary for regular PKINIT.
Describe kpServerAuth as the EKU used in commercially issued server
certificates, not as the value used by Microsoft (which does not
appear to be true according to [MS-PKCA]).

(cherry picked from commit 677c7753923e5efa078074611d4474fbcc10f6a1)

ticket: 8105 (new)
version_fixed: 1.11.6
status: resolved
doc/admin/conf_files/krb5_conf.rst diff | blob | blame | history
doc/admin/pkinit.rst diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git