Secured LDAP Client: Root CA certificate upload process.

Jayanth Othayoth ojayanth at gmail.com
Mon Apr 29 22:52:40 AEST 2019


To configure Secured LDAP Client in BMC ,  required a Redfish interface to
upload Server copy of Root CA certificate in BMC for SSL handshaking.

Latest version of DMTF spec (DSP2046 v2018.3 ) certificate supports the
below URIs:

/redfish/v1/AccountService/Accounts/{ManagerAccountId}/Certificates/{CertificateId}

/redfish/v1/AccountService/ActiveDirectory/Certificates/{CertificateId}
/redfish/v1/AccountService/ExternalAccountProviders/{ExternalAccountProviderId}/Certificates/{CertificateId}
 /redfish/v1/AccountService/LDAP/Certificates/{CertificateId}
/redfish/v1/Managers/{ManagerId}/NetworkProtocol/HTTPS/Certificates/{CertificateId}

/redfish/v1/Managers/{ManagerId}/RemoteAccountService/Accounts/{ManagerAccountId}/Certificates/{CertificateId}
 /redfish/v1/Managers/{ManagerId}/RemoteAccountService/ActiveDirectory/Certificates/{CertificateId}
 /redfish/v1/Managers/{ManagerId}/RemoteAccountService/ExternalAccountProviders/{ExternalAccountProviderId}/Certificates/{CertificateId}
 /redfish/v1/Managers/{ManagerId}/RemoteAccountService/LDAP/Certificates/{CertificateId}


Currently URI  /redfish/v1/AccountService/LDAP/Certificates/{CertificateId}
used for upload LDAP client certificates.

Ed, Ratan Can we use use any of the existing uri to upload  LDAP server
root CA Certificate , or do we need to introduce custom URI  for this
purpose?

I have already posted question Redfish forum (
https://redfishforum.com/thread/169/certificate-management-ca-upload?page=1&scrollTo=553)
related to general “authority” type certificate  upload process, which can
be used for this purpose.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20190429/b2ebee5e/attachment.htm>


More information about the openbmc mailing list