dirmngr only using cAcertificate attr type when querying LDAP directory
Open, WishlistPublic

Description

When trying to import CRLs using gpgsm --call-dirmngr loadcrl and with debug as guru, it reports using attr cACertificate when querying LDAP. This does not work against Microsoft Active Directory which uses usercertificate as the attr. Reviewing and the code supports either attr type (in dirmngr/ldap.c) but for the call start_default_fetch_ldap() from dirmngr/crlfetch.c which has hardcoded cACertificate as part of the call. I am working with version 2.1.18 of dirmngr. Can this be fix to support either a flag or an additional LDAP query to know what type of code to use automatically.

eoincreedon_gmail.com created this object in space S1 Public.
justus triaged this task as Wishlist priority.Jun 8 2017, 3:00 PM
justus added a project: gnupg (gpg22).