Chromium Code Reviews
DescriptionDon't reject server and CA certs during device ONC validation
Server and CA certs are not rejected during device ONC validation
anymore. They are still not imported into the NSS database because:
- no OncCertificateImporter instance exists for device policy
- OncCertificateImporter has an additional check to prevent importing
server or ca certs from device policy.
Still, these certs should pass ONC validation so they can be used to
verify the radius server certificate when connecting to EAP-TLS networks on the sign-in screen.
Detail: http://go/chromeos-devicewide-eaptls-radiuscert
BUG=655266
TEST=Manual test, chromeos_unittests --gtest_filter=ONCValidatorTest*
Review-Url: https://codereview.chromium.org/2859123003
Cr-Commit-Position: refs/heads/master@{#472790}
Committed: https://chromium.googlesource.com/chromium/src/+/4cc64c6cdb93dcded1e43a51792a2bf7f89714d8
Patch Set 1 #
Total comments: 2
Patch Set 2 : Addressed comments. #
Messages
Total messages: 13 (6 generated)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||