|
|
59.
|
|
|
A domain is a database containing user information. SSSD can use more domains at the same time, but at least one must be configured or SSSD won't start. This parameter describes the list of domains in the order you want them to be queried. A domain name should only consist of alphanumeric ASCII characters, dashes, dots and underscores.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:247
|
|
|
99.
|
|
|
(NSS Version) This option is ignored.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:485 sssd.conf.5.xml:585
|
|
|
100.
|
|
|
(OpenSSL Version) If a connection cannot be established to an OCSP responder the OCSP check is skipped. This option should be used to allow authentication when the system is offline and the OCSP responder cannot be reached.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:488
|
|
|
108.
|
|
|
(NSS Version) This option is ignored, because NSS uses sha1 unconditionally.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:512
|
|
|
112.
|
|
|
Sets the OCSP default responder which should be used instead of the one mentioned in the certificate. URL must be replaced with the URL of the OCSP default responder e.g. http://example.com:80/ocsp.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:567
|
|
|
113.
|
|
|
(NSS Version) This option must be used together with ocsp_default_responder_signing_cert.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:534
|
|
|
115.
|
|
|
(NSS Version) The nickname of the cert to trust (expected) to sign the OCSP responses. The certificate with the given nickname must be available in the systems NSS database.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:544
|
|
|
116.
|
|
|
This option must be used together with ocsp_default_responder.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:549
|
|
|
117.
|
|
|
(OpenSSL version) This option is currently ignored. All needed certificates must be available in the PEM file given by pam_cert_db_path.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:551
|
|
|
119.
|
|
|
(NSS Version) This option is ignored, please see <citerefentry> <refentrytitle>crlutil</refentrytitle> <manvolnum>1</manvolnum> </citerefentry> how to import a Certificate Revocation List (CRL) into a NSS database.
|
|
|
type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
|
|
|
|
|
(no translation yet)
|
|
|
|
Located in
sssd.conf.5.xml:561
|
