diff --git a/ui/app/models/pki/role.js b/ui/app/models/pki/role.js index 43165938de..e477d4a17d 100644 --- a/ui/app/models/pki/role.js +++ b/ui/app/models/pki/role.js @@ -72,6 +72,7 @@ export default class PkiRoleModel extends Model { 'Additional subject fields': [ 'allowedUserIds', 'allowedSerialNumbers', + 'serialNumberSource', 'requireCn', 'useCsrCommonName', 'useCsrSans', @@ -244,13 +245,30 @@ export default class PkiRoleModel extends Model { /* Overriding OpenApi Additional subject field options */ @attr({ - label: 'Allowed serial numbers', subText: 'A list of allowed serial numbers to be requested during certificate issuance. Shell-style globbing is supported. If empty, custom-specified serial numbers will be forbidden.', editType: 'stringArray', }) allowedSerialNumbers; + @attr({ + editType: 'radio', + possibleValues: [ + { + value: 'json-csr', + subText: + 'The subject serial number will be taken from the "serial_number" parameter and fall back to the serial number in the CSR.', + }, + { + value: 'json', + subText: + 'The subject serial number will be taken from the "serial_number" parameter but will ignore any value in the CSR.', + }, + ], + defaultValue: 'json-csr', + }) + serialNumberSource; + @attr('boolean', { label: 'Require common name', subText: 'If set to false, common name will be optional when generating a certificate.', diff --git a/ui/tests/integration/components/pki/pki-role-form-test.js b/ui/tests/integration/components/pki/pki-role-form-test.js index 107da6f8e1..8c770b73ea 100644 --- a/ui/tests/integration/components/pki/pki-role-form-test.js +++ b/ui/tests/integration/components/pki/pki-role-form-test.js @@ -191,6 +191,7 @@ module('Integration | Component | pki-role-form', function (hooks) { key_usage: ['DigitalSignature', 'KeyAgreement', 'KeyEncipherment'], not_before_duration: '30s', require_cn: true, + serial_number_source: 'json-csr', signature_bits: '384', use_csr_common_name: true, use_csr_sans: true,