Bug 4872

Summary: tl-ldap-certalias extracts all certificates from a user object
Product: ThinLinc Reporter: Henrik Andersson <hean01>
Component: MiscAssignee: Karl Mikaelsson <derfian>
Status: NEW ---    
Severity: Normal    
Priority: P2    
Version: 4.1.0   
Target Milestone: LowPrio   
Hardware: PC   
OS: Unknown   
Acceptance Criteria:

Description Henrik Andersson cendio 2013-10-24 16:19:48 CEST
The sole purpose for tl-ldap-certalias is to extract certificate from user object and populate authorized_keys for use as public key auth.
The problem is that certificates for a user object probably includes several certificates which only on is intended for authentication in the infrastructure.

One way to overcome this is to implement a certificate filter just like we have done on the client side which i configurable on the thinlinc server.

See client certificate filter documentation for more information:

http://www.cendio.com/resources/docs/tag/ch07s04.html#smart_card_certificate_filter_settings_dialog