Hello, I am using SSSD with LDAP directory which provides public keys for each user entry to SSSD. I am not sure if it is possible to configure SSSD not just to accept the private key (provided by the user during the login) and authenticate the user from LDAP (where his public ke is stored), but also to check the: - trust (validation of the CA used for signing the user's certificate i.e. public key) - validity of a user certificate with its public key (its "from" - "to" dates) - revocation status (configuration of SSSD with CRL lists or OCSP) or should I manage this on the LDAP side or on application level or somewhere else? I would be grateful if you share your ideas about the possible solutions of this situation!
BR, Hristina _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org
