Hide Forgot
1. About PIN-generation In default setpin.conf there is option 'setpin=yes'. This option create necessary objectclass and attribute. When the objectclass and attribute are created the user have to comment 'setpin=yes', because in setup mode setpin doesn't generate pins. 2. Subject for Certificate from LDAP In chapter 9.2.1 in RHCS 8.0 documentation and 9.2.1 in RHCS 8.1 there is notes about creation of Subject in certificate from dnpattern. It doesn't work unless you read B.1.20 in RHCS 8.0 docs and B.2.10 in RHCS 8.1 docs. I didn't find any info in docs to look in Appendix.
For #1 in the description, I added a note on setup mode in the CLI guide: http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Certificate_System/8.1/html/Command-Line_Tools_Guide/PIN_Generator.html#The_setpin_Command-Usage For item #2, I added links to the appendix in the intro and in step 2: http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Certificate_System/8.1/html/Admin_Guide/Managing_Subject_Names_and_Subject_Alternative_Names.html#Populating_Certificates_with_Directory_Attributes
Verified. #1. Following section has been added in section "5.1.3. Usage" of Command-Line Tools Guide for disabling setup mode for setpin tool after creating objectclass and attribute in ldap scehma. =============== Then, disable setup mode for the setpin command. Either comment out the setup line or change the value to no. vim /usr/lib/pki/native-tools/setpin.conf setup=no ======== #2. Detailed description has been provided in section "2.8.2. Inserting LDAP Directory Attribute Values and Other Information into the Subject Alt Name" of Admin guide.