summaryrefslogtreecommitdiff
path: root/read-cert-template.conf.example
diff options
context:
space:
mode:
authorB. Stack <bgstack15@gmail.com>2024-07-23 20:49:09 -0400
committerB. Stack <bgstack15@gmail.com>2024-07-23 20:49:09 -0400
commitab90e078ffb1fd8c27d06b0f32c5b4ba9a16861f (patch)
tree328d3b27c51d5ac11b2c72486302e1fdf6d3a74d /read-cert-template.conf.example
parentinitial commit (diff)
downloadread-cert-template-ab90e078ffb1fd8c27d06b0f32c5b4ba9a16861f.tar.gz
read-cert-template-ab90e078ffb1fd8c27d06b0f32c5b4ba9a16861f.tar.bz2
read-cert-template-ab90e078ffb1fd8c27d06b0f32c5b4ba9a16861f.zip
support domain lookup from oidHEADmaster
Diffstat (limited to 'read-cert-template.conf.example')
-rw-r--r--read-cert-template.conf.example18
1 files changed, 18 insertions, 0 deletions
diff --git a/read-cert-template.conf.example b/read-cert-template.conf.example
new file mode 100644
index 0000000..0a875f3
--- /dev/null
+++ b/read-cert-template.conf.example
@@ -0,0 +1,18 @@
+# File: ~/.config/read-cert-template.conf
+# If you know the whole oid, chop off the M$ part, and the first number (awk $10) is this identifier. Technically it is not enough to identify the exact PKI instance, but it is good enough for this!
+# You can just use RCT_ALIAS= if you do not want to define per-domain settings.
+RCT_ALIAS_1234567=""
+RCT_LDAPSERVER_1234567=ldaps://locale1.example.corp
+# the "CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration," will be added to this:
+RCT_LDAPBASE_1234567="DC=example,DC=corp"
+# because i struggled with escaped spaces around this stuff
+RCT_LDAPAUTH1_1234567="-x -w $( printf '%s' 'base64dPwHere' | base64 -d )"
+RCT_LDAPAUTH2_1234567="-D CN=Service Account 23498,OU=Accounts,DC=locale2,DC=example,DC=corp"
+
+RCT_ALIAS_4928234="DEV"
+RCT_LDAPSERVER_4928234=ldaps://locale2.example.corp
+# the "CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration," will be added to this:
+RCT_LDAPBASE_4928234="DC=locale2,DC=example,DC=corp"
+# because i struggled with escaped spaces around this stuff
+RCT_LDAPAUTH1_4928234="-x -w $( printf '%s' 'SecurityHatesMe' | base64 -d )"
+RCT_LDAPAUTH2_4928234="-D CN=Service Account 5822,OU=Accounts,DC=locale2,DC=example,DC=corp"
bgstack15