|
|
|
|
@ -4444,7 +4444,7 @@ int LDAPManager::generatePublicKerberosCACertificate(LDAPCertConfig certinfo, LD
|
|
|
|
|
printf("ERROR: Unable to generate OpenSSL configuration file! Details: '%s'\n", errstr.ascii());
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5/CN=%6/emailAddress=%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress);
|
|
|
|
|
subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5/CN=%6/emailAddress=%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(certinfo.commonName).arg(certinfo.emailAddress);
|
|
|
|
|
command = TQString("openssl req -days %1 -key \"%2\" -new -x509 -out \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.caExpiryDays).arg(KERBEROS_PKI_PEMKEY_FILE).arg(KERBEROS_PKI_PEM_FILE).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
|
|
|
|
|
if (system(command) < 0) {
|
|
|
|
|
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
|
|
|
|
|
@ -4484,7 +4484,7 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP
|
|
|
|
|
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
|
subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
|
command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
|
|
|
|
|
if (system(command) < 0) {
|
|
|
|
|
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
|
|
|
|
|
@ -4535,7 +4535,7 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal
|
|
|
|
|
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
|
subject = TQString("/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
|
command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
|
|
|
|
|
if (system(command) < 0) {
|
|
|
|
|
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
|
|
|
|
|
@ -4638,7 +4638,7 @@ int LDAPManager::generateClientCertificatePublicCertificate(int expirydays, LDAP
|
|
|
|
|
common_name = TQString("/CN=%1").arg(user.name);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
subject = TQString("\"%1%2\"").arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
|
subject = TQString("%1%2").arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
|
command = TQString("openssl req -days %1 -new -out \"%2\" -key \"%3\" -config \"%4\" -subj \"%5\"").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(client_cfgfile).arg(subject);
|
|
|
|
|
if (system(command) < 0) {
|
|
|
|
|
if (errstr) *errstr = TQString("Execution of \"%s\" failed").arg(command);
|
|
|
|
|
|
Timothy Pearson
6 years ago