mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
WHATSNEW: Add text on PKINIT Certificate Revocation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9612 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
parent
980c1565ed
commit
0ee8c263f6
17
WHATSNEW.txt
17
WHATSNEW.txt
@ -108,7 +108,24 @@ The use of well known cryptography libraries makes Samba easier for
|
||||
end-users to validate and deploy, and for distributors to ship. This
|
||||
is the end of a very long journey for Samba.
|
||||
|
||||
Revocation support in Heimdal KDC for PKINIT certificates
|
||||
---------------------------------------------------------
|
||||
|
||||
Samba will now correctly honour the revocation of 'smart card'
|
||||
certificates used for PKINIT Kerberos authentication.
|
||||
|
||||
This list is reloaded each time the file changes, so no further action
|
||||
other than replacing the file is required. The additional krb5.conf
|
||||
option is:
|
||||
|
||||
[kdc]
|
||||
pkinit_revoke = FILE:/path/to/crl.pem
|
||||
|
||||
Information on the "Smart Card login" feature as a whole is at:
|
||||
https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login
|
||||
|
||||
|
||||
================
|
||||
REMOVED FEATURES
|
||||
================
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user