-rwxr-xr-xscripts/caclone-configure.sh66
-rwxr-xr-xscripts/caclone-create.sh3
-rwxr-xr-xscripts/caclone-remove.sh6
-rwxr-xr-xscripts/caclone-restart.sh4
-rwxr-xr-xscripts/caclone-start.sh3
-rwxr-xr-xscripts/caclone-stop.sh3
-rw-r--r--scripts/caclone.cfg28
-rwxr-xr-xscripts/existing-export.sh3
-rw-r--r--scripts/existing-step1.cfg19
-rwxr-xr-xscripts/existing-step1.sh8
-rw-r--r--scripts/external-step1.cfg20
-rwxr-xr-xscripts/external-step1.sh9
-rw-r--r--scripts/external-step2.cfg21
-rwxr-xr-xscripts/external-step2.sh5
-rwxr-xr-xscripts/sub-restart.sh4
-rwxr-xr-xscripts/sub-start.sh5
-rwxr-xr-xscripts/sub-stop.sh5
-rw-r--r--scripts/subca.cfg29
-rw-r--r--scripts/subkra.cfg29
-rwxr-xr-xscripts/tps-enroll.sh34
-rwxr-xr-xscripts/tps-format.sh36
-rwxr-xr-xscripts/tps-user.sh16
22 files changed, 0 insertions, 356 deletions
diff --git a/scripts/caclone-configure.sh b/scripts/caclone-configure.sh
deleted file mode 100755
index fe9af29..0000000
--- a/scripts/caclone-configure.sh
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/sh -x
-
-PKI_DEV_SRC=`cd .. ; pwd`
-
-INSTANCE_NAME=pki-caclone
-PASSWORD=Secret123
-PIN=`grep preop.pin= /var/lib/$INSTANCE_NAME/conf/CS.cfg | awk -F= '{ print $2; }'`
-
-REALM=EXAMPLE-COM
-CERTS=$PKI_DEV_SRC/certs/caclone
-rm -rf $CERTS
-mkdir -p $CERTS
-
-./caclone-certs.sh
-
-pkisilent ConfigureCA \
- -cs_hostname "$HOSTNAME" \
- -cs_port "9444" \
- -preop_pin "$PIN" \
- -client_certdb_dir "$CERTS" \
- -client_certdb_pwd "$PASSWORD" \
- -token_name "internal" \
- -domain_name "$REALM" \
- -subsystem_name "Certificate Authority Clone" \
- -clone "true" \
- -clone_uri "https://$HOSTNAME:9443" \
- -clone_p12_file "ca-server-certs.p12" \
- -clone_p12_password "$PASSWORD" \
- -sd_hostname "$HOSTNAME" \
- -sd_admin_port 9443 \
- -sd_ssl_port 9443 \
- -sd_agent_port 9443 \
- -sd_admin_name "caadmin" \
- -sd_admin_password "$PASSWORD" \
- -ldap_host "localhost" \
- -ldap_port "390" \
- -base_dn "dc=ca,dc=example,dc=com" \
- -db_name "example.com-$INSTANCE_NAME" \
- -bind_dn "cn=Directory Manager" \
- -bind_password "$PASSWORD" \
- -remove_data "true" \
- -key_type rsa \
- -key_size 2048 \
- -key_algorithm SHA256withRSA \
- -signing_signingalgorithm SHA256withRSA \
- -save_p12 true \
- -backup_fname "$CERTS/caclone-server-certs.p12" \
- -backup_pwd "$PASSWORD" \
- -ca_sign_cert_subject_name "CN=Certificate Authority,O=$REALM" \
- -ca_ocsp_cert_subject_name "CN=OCSP Signing Certificate,O=$REALM" \
- -ca_server_cert_subject_name "CN=$HOSTNAME,O=$REALM" \
- -ca_subsystem_cert_subject_name "CN=CA Subsystem Certificate,O=$REALM" \
- -ca_audit_signing_cert_subject_name "CN=CA Audit Signing Certificate,O=$REALM" \
- -admin_user "caadmin" \
- -agent_name "caadmin" \
- -admin_email "caadmin@example.com" \
- -admin_password "$PASSWORD" \
- -agent_key_size 2048 \
- -agent_key_type rsa \
- -agent_cert_subject "CN=caadmin,UID=caadmin,E=caadmin@example.com,O=$REALM"
-
-
-echo $PASSWORD > "$CERTS/password.txt"
-PKCS12Export -d "$CERTS" -o "$CERTS/caclone-client-certs.p12" -p "$CERTS/password.txt" -w "$CERTS/password.txt"
-
-systemctl restart pki-cad@$INSTANCE_NAME.service
diff --git a/scripts/caclone-create.sh b/scripts/caclone-create.sh
deleted file mode 100755
index 1bd0b4f..0000000
--- a/scripts/caclone-create.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh -x
-
-pkispawn -v -f caclone.cfg -s CA 2>&1 | tee build/calclone-create.log
diff --git a/scripts/caclone-remove.sh b/scripts/caclone-remove.sh
deleted file mode 100755
index 2f5640b..0000000
--- a/scripts/caclone-remove.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-SRC_DIR=`cd ../.. ; pwd`
-INSTANCE_NAME=pki-tomcat
-
-pkidestroy -v -s CA -i $INSTANCE_NAME
diff --git a/scripts/caclone-restart.sh b/scripts/caclone-restart.sh
deleted file mode 100755
index 7c65fb1..0000000
--- a/scripts/caclone-restart.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh -x
-
-./caclone-stop.sh
-./caclone-start.sh
diff --git a/scripts/caclone-start.sh b/scripts/caclone-start.sh
deleted file mode 100755
index 9ebfd59..0000000
--- a/scripts/caclone-start.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh -x
-
-systemctl start pki-tomcatd@ca-clone.service
diff --git a/scripts/caclone-stop.sh b/scripts/caclone-stop.sh
deleted file mode 100755
index 63e7b51..0000000
--- a/scripts/caclone-stop.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh -x
-
-systemctl stop pki-tomcatd@ca-clone.service
diff --git a/scripts/caclone.cfg b/scripts/caclone.cfg
deleted file mode 100644
index bba9e7c..0000000
--- a/scripts/caclone.cfg
+++ /dev/null
@@ -1,28 +0,0 @@
-[DEFAULT]
-pki_instance_name=pki-clone
-pki_http_port=18080
-pki_https_port=18443
-pki_ajp_port=18009
-pki_tomcat_server_port=18005
-
-[CA]
-pki_admin_email=caadmin@example.com
-pki_admin_name=caadmin
-pki_admin_nickname=caadmin
-pki_admin_password=Secret123
-pki_admin_uid=caadmin
-pki_backup_password=Secret123
-pki_client_database_password=Secret123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret123
-pki_ds_base_dn=dc=ca,dc=example,dc=com
-pki_ds_database=ca
-pki_ds_password=Secret123
-pki_ds_ldap_port=10389
-pki_security_domain_password=Secret123
-pki_security_domain_https_port=8443
-pki_security_domain_user=caadmin
-pki_clone=True
-pki_clone_pkcs12_password=Secret123
-pki_clone_pkcs12_path=/tmp/ca_backup_keys.p12
-pki_clone_replicate_schema=True
diff --git a/scripts/existing-export.sh b/scripts/existing-export.sh
deleted file mode 100755
index e3080c7..0000000
--- a/scripts/existing-export.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh -x
-
-pki-server subsystem-cert-export ca signing --pkcs12-file ca.p12 --pkcs12-password-file password.txt --csr-file ca_signing.csr
diff --git a/scripts/existing-step1.cfg b/scripts/existing-step1.cfg
deleted file mode 100644
index 2ff209c..0000000
--- a/scripts/existing-step1.cfg
+++ /dev/null
@@ -1,19 +0,0 @@
-[CA]
-pki_admin_email=caadmin@example.com
-pki_admin_name=caadmin
-pki_admin_nickname=caadmin
-pki_admin_password=Secret123
-pki_admin_uid=caadmin
-pki_backup_keys=True
-pki_backup_password=Secret123
-pki_client_database_password=Secret123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret123
-pki_ds_base_dn=dc=ca,dc=example,dc=com
-pki_ds_database=ca
-pki_ds_password=Secret123
-pki_security_domain_name=EXAMPLE
-pki_token_password=Secret123
-
-pki_external=True
-pki_external_step_two=False
diff --git a/scripts/existing-step1.sh b/scripts/existing-step1.sh
deleted file mode 100755
index 422febb..0000000
--- a/scripts/existing-step1.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh -x
-
-mkdir -p build
-
-rm -rf /tmp/ca_signing.csr
-rm -rf /tmp/ca.p12
-
-pkispawn -v -f existing-step1.cfg -s CA 2>&1 | tee build/existing-step1.log
diff --git a/scripts/external-step1.cfg b/scripts/external-step1.cfg
deleted file mode 100644
index 967289c..0000000
--- a/scripts/external-step1.cfg
+++ /dev/null
@@ -1,20 +0,0 @@
-[CA]
-pki_admin_email=caadmin@example.com
-pki_admin_name=caadmin
-pki_admin_nickname=caadmin
-pki_admin_password=Secret123
-pki_admin_uid=caadmin
-pki_backup_keys=True
-pki_backup_password=Secret123
-pki_client_database_password=Secret123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret123
-pki_ds_base_dn=dc=ca,dc=example,dc=com
-pki_ds_database=ca
-pki_ds_password=Secret123
-pki_security_domain_name=EXTERNAL
-pki_token_password=Secret123
-
-pki_external=True
-pki_external_step_two=False
-pki_external_csr_path=/tmp/ca_signing.csr
diff --git a/scripts/external-step1.sh b/scripts/external-step1.sh
deleted file mode 100755
index 5f7676c..0000000
--- a/scripts/external-step1.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh -x
-
-mkdir -p build
-
-rm -f /tmp/ca_signing.csr
-rm -f /tmp/ca_signing.crt
-rm -f /tmp/external.crt
-
-pkispawn -v -f external-step1.cfg -s CA 2>&1 | tee build/external-step1.log
diff --git a/scripts/external-step2.cfg b/scripts/external-step2.cfg
deleted file mode 100644
index 2092c48..0000000
--- a/scripts/external-step2.cfg
+++ /dev/null
@@ -1,21 +0,0 @@
-[CA]
-pki_admin_email=caadmin@example.com
-pki_admin_name=caadmin
-pki_admin_nickname=caadmin
-pki_admin_password=Secret123
-pki_admin_uid=caadmin
-pki_backup_keys=True
-pki_backup_password=Secret123
-pki_client_database_password=Secret123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret123
-pki_ds_base_dn=dc=ca,dc=example,dc=com
-pki_ds_database=ca
-pki_ds_password=Secret123
-pki_security_domain_name=EXTERNAL
-pki_token_password=Secret123
-
-pki_external=True
-pki_external_step_two=True
-pki_external_ca_cert_chain_path=/tmp/external.crt
-pki_external_ca_cert_path=/tmp/ca_signing.crt
diff --git a/scripts/external-step2.sh b/scripts/external-step2.sh
deleted file mode 100755
index 78f9c9d..0000000
--- a/scripts/external-step2.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh -x
-
-mkdir -p build
-
-pkispawn -v -f external-step2.cfg -s CA 2>&1 | tee build/external-step2.log
diff --git a/scripts/sub-restart.sh b/scripts/sub-restart.sh
deleted file mode 100755
index 661e7cd..0000000
--- a/scripts/sub-restart.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh -x
-
-./sub-stop.sh
-./sub-start.sh
diff --git a/scripts/sub-start.sh b/scripts/sub-start.sh
deleted file mode 100755
index 67d31af..0000000
--- a/scripts/sub-start.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh -x
-
-INSTANCE_NAME=pki-sub
-
-systemctl start pki-tomcatd@$INSTANCE_NAME.service
diff --git a/scripts/sub-stop.sh b/scripts/sub-stop.sh
deleted file mode 100755
index dc9dc05..0000000
--- a/scripts/sub-stop.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh -x
-
-INSTANCE_NAME=pki-sub
-
-systemctl stop pki-tomcatd@$INSTANCE_NAME.service
diff --git a/scripts/subca.cfg b/scripts/subca.cfg
deleted file mode 100644
index 346fbd0..0000000
--- a/scripts/subca.cfg
+++ /dev/null
@@ -1,29 +0,0 @@
-[DEFAULT]
-pki_instance_name=pki-subca
-pki_http_port=18080
-pki_https_port=18443
-pki_ajp_port=18010
-pki_tomcat_server_port=18006
-
-[CA]
-pki_admin_password=Secret123
-pki_admin_email=caadmin@example.com
-pki_admin_name=caadmin
-pki_admin_nickname=caadmin
-pki_admin_uid=caadmin
-pki_subordinate=True
-pki_issuing_ca_https_port=8443
-pki_ca_signing_subject_dn=cn=CA Subordinate Signing,dc=example,dc=com
-pki_backup_keys=True
-pki_backup_password=Secret123
-pki_client_database_password=Secret123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret123
-pki_ds_base_dn=dc=ca,dc=sub,dc=example,dc=com
-pki_ds_database=subca
-pki_ds_password=Secret123
-pki_security_domain_name=EXAMPLE
-pki_security_domain_password=Secret123
-pki_security_domain_https_port=8443
-pki_security_domain_user=caadmin
-pki_token_password=Secret123
diff --git a/scripts/subkra.cfg b/scripts/subkra.cfg
deleted file mode 100644
index a29139f..0000000
--- a/scripts/subkra.cfg
+++ /dev/null
@@ -1,29 +0,0 @@
-[DEFAULT]
-pki_instance_name=pki-subkra
-pki_http_port=28080
-pki_https_port=28443
-pki_ajp_port=28010
-pki_tomcat_server_port=28006
-
-[KRA]
-pki_import_admin_cert=False
-#pki_admin_cert_file=/root/.dogtag/pki-sub/ca_admin.cert
-pki_admin_email=kraadmin@example.com
-pki_admin_name=kraadmin
-pki_admin_nickname=kraadmin
-pki_admin_password=Secret123
-pki_admin_uid=kraadmin
-pki_backup_password=Secret123
-pki_client_database_password=Secret123
-pki_client_database_purge=False
-pki_client_pkcs12_password=Secret123
-pki_clone_pkcs12_password=Secret123
-pki_ds_base_dn=dc=kra,dc=sub,dc=example,dc=com
-pki_ds_database=subkra
-pki_ds_password=Secret123
-pki_security_domain_name=EXAMPLE
-pki_security_domain_user=caadmin
-pki_security_domain_password=Secret123
-pki_security_domain_https_port=8443
-pki_issuing_ca_https_port=18443
-pki_token_password=Secret123
diff --git a/scripts/tps-enroll.sh b/scripts/tps-enroll.sh
deleted file mode 100755
index 73f9d44..0000000
--- a/scripts/tps-enroll.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-
-uid=$1
-cuid=$2
-
-if [ "$cuid" == "" ]; then
- #cuid=a00192030405060708c9
- cuid=`hexdump -v -n "10" -e '1/1 "%02x"' /dev/urandom`
-fi
-
-echo $cuid
-
-tpsclient <<EOF
-op=var_set name=ra_host value=localhost
-op=var_set name=ra_port value=8080
-op=var_set name=ra_uri value=/tps/tps
-op=var_list
-
-#op=token_status
-
-op=token_set cuid=$cuid msn=01020304 app_ver=6FBBC105 key_info=0101 major_ver=0 minor_ver=0
-
-op=token_set auth_key=404142434445464748494a4b4c4d4e4f
-op=token_set mac_key=404142434445464748494a4b4c4d4e4f
-op=token_set kek_key=404142434445464748494a4b4c4d4e4f
-
-op=token_status
-
-op=ra_enroll uid=$uid pwd=Secret123 new_pin=Secret123 num_threads=1 extensions=tokenType=userKey
-
-#op=token_status
-
-op=exit
-EOF
diff --git a/scripts/tps-format.sh b/scripts/tps-format.sh
deleted file mode 100755
index 6f7be24..0000000
--- a/scripts/tps-format.sh
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-
-uid=$1
-cuid=$2
-
-if [ "$cuid" == "" ]; then
- #cuid=a00192030405060708c9
- #cuid=A7D05D2BA7D1AFB4E7C1
- cuid=`hexdump -v -n "10" -e '1/1 "%02x"' /dev/urandom`
-fi
-
-echo $cuid
-
-tpsclient <<EOF
-op=var_set name=ra_host value=localhost
-op=var_set name=ra_port value=8080
-op=var_set name=ra_uri value=/tps/tps
-op=var_list
-
-#op=token_status
-
-op=token_set cuid=$cuid msn=01020304 app_ver=6FBBC105 key_info=0101 major_ver=0 minor_ver=0
-#op=token_set cuid=$cuid app_ver=6FBBC105 key_info=0101
-
-op=token_set auth_key=404142434445464748494a4b4c4d4e4f
-op=token_set mac_key=404142434445464748494a4b4c4d4e4f
-op=token_set kek_key=404142434445464748494a4b4c4d4e4f
-
-op=token_status
-
-op=ra_format uid=$uid pwd=Secret123 new_pin=Secret123 num_threads=1 extensions=tokenType=userKey
-
-#op=token_status
-
-op=exit
-EOF
diff --git a/scripts/tps-user.sh b/scripts/tps-user.sh
deleted file mode 100755
index 8fc3b60..0000000
--- a/scripts/tps-user.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-uid=$1
-
-ldapadd -h $HOSTNAME -p 389 -D "cn=Directory Manager" -w Secret123 << EOF
-dn: uid=$uid,ou=people,dc=example,dc=com
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: inetOrgPerson
-uid: $uid
-cn: Test User
-sn: User
-givenName: Test
-userPassword: Secret123
-EOF