summaryrefslogtreecommitdiffstats
path: root/scripts/kra-merged.cfg
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2013-05-30 17:44:18 -0400
committerEndi Sukma Dewata <edewata@redhat.com>2013-05-30 17:44:18 -0400
commitb8418ed021f7ecea8642b10b15be2c42280dd163 (patch)
treed97dd400c3e12fde4ec740e923ff1b671a1dbd48 /scripts/kra-merged.cfg
parentb570cb0b51dbce1e252858e4d66459f2f127925c (diff)
downloadpki-dev-b8418ed021f7ecea8642b10b15be2c42280dd163.tar.gz
pki-dev-b8418ed021f7ecea8642b10b15be2c42280dd163.tar.xz
pki-dev-b8418ed021f7ecea8642b10b15be2c42280dd163.zip
Updated merged configuration.
Diffstat (limited to 'scripts/kra-merged.cfg')
-rw-r--r--scripts/kra-merged.cfg268
1 files changed, 35 insertions, 233 deletions
diff --git a/scripts/kra-merged.cfg b/scripts/kra-merged.cfg
index 63e7f76..bbbc4ee 100644
--- a/scripts/kra-merged.cfg
+++ b/scripts/kra-merged.cfg
@@ -1,233 +1,35 @@
-###############################################################################
-## 'Sensitive' Data: ##
-## ##
-## Values in this section pertain to various PKI subsystems, and contain ##
-## required 'sensitive' information which MUST ALWAYS be provided by users. ##
-## ##
-## IMPORTANT: Sensitive data values must NEVER be displayed to the ##
-## console NOR stored in log files!!! ##
-###############################################################################
-[Sensitive]
-pki_admin_password=Secret123
-pki_backup_password=Secret123
-pki_client_database_password=Secret123
-pki_client_pkcs12_password=Secret123
-pki_clone_pkcs12_password=Secret123
-pki_ds_password=Secret123
-pki_security_domain_password=Secret123
-pki_token_password=Secret123
-###############################################################################
-## 'Common' Data: ##
-## ##
-## Values in this section are common to more than one PKI subsystem, and ##
-## contain required information which MAY be overridden by users as ##
-## necessary. ##
-## ##
-## NOTE: Default values will be generated for any and all required ##
-## 'common' data values which are left undefined. ##
-###############################################################################
-[Common]
-pki_admin_cert_request_type=crmf
-pki_admin_domain_name=
-pki_admin_dualkey=False
-pki_admin_email=kraadmin@example.com
-pki_admin_keysize=2048
-pki_admin_name=kraadmin
-pki_admin_nickname=kraadmin
-pki_admin_subject_dn=
-pki_admin_uid=kraadmin
-pki_audit_group=pkiaudit
-pki_audit_signing_key_algorithm=SHA256withRSA
-pki_audit_signing_key_size=2048
-pki_audit_signing_key_type=rsa
-pki_audit_signing_nickname=
-pki_audit_signing_signing_algorithm=SHA256withRSA
-pki_audit_signing_subject_dn=
-pki_audit_signing_token=
-pki_backup_keys=False
-pki_client_database_dir=
-pki_client_database_purge=False
-pki_client_dir=
-pki_ds_base_dn=dc=kra,dc=example,dc=com
-pki_ds_bind_dn=cn=Directory Manager
-pki_ds_database=kra
-pki_ds_hostname=
-pki_ds_ldap_port=389
-pki_ds_ldaps_port=636
-pki_ds_remove_data=True
-pki_ds_secure_connection=False
-pki_group=pkiuser
-pki_issuing_ca=
-pki_restart_configured_instance=True
-pki_security_domain_hostname=
-pki_security_domain_https_port=8443
-pki_security_domain_name=EXAMPLE
-pki_security_domain_user=caadmin
-pki_skip_configuration=False
-pki_skip_installation=False
-pki_ssl_server_key_algorithm=SHA256withRSA
-pki_ssl_server_key_size=2048
-pki_ssl_server_key_type=rsa
-pki_ssl_server_nickname=
-pki_ssl_server_subject_dn=
-pki_ssl_server_token=
-pki_subsystem_key_algorithm=SHA256withRSA
-pki_subsystem_key_size=2048
-pki_subsystem_key_type=rsa
-pki_subsystem_nickname=
-pki_subsystem_subject_dn=
-pki_subsystem_token=
-pki_token_name=internal
-pki_user=pkiuser
-###############################################################################
-## 'Apache' Data: ##
-## ##
-## Values in this section are common to PKI subsystems that run ##
-## as an instance of 'Apache' (RA and TPS subsystems), and contain ##
-## required information which MAY be overridden by users as necessary. ##
-###############################################################################
-[Apache]
-pki_instance_name=pki-apache
-pki_http_port=80
-pki_https_port=443
-###############################################################################
-## 'Tomcat' Data: ##
-## ##
-## Values in this section are common to PKI subsystems that run ##
-## as an instance of 'Tomcat' (CA, KRA, OCSP, and TKS subsystems ##
-## including 'Clones', 'Subordinate CAs', and 'External CAs'), and contain ##
-## required information which MAY be overridden by users as necessary. ##
-## ##
-## PKI CLONES: To specify a 'CA Clone', a 'KRA Clone', an 'OCSP Clone', ##
-## or a 'TKS Clone', change the value of 'pki_clone' ##
-## from 'False' to 'True'. ##
-## ##
-## REMINDER: PKI CA Clones, Subordinate CAs, and External CAs ##
-## are MUTUALLY EXCLUSIVE entities!!! ##
-###############################################################################
-[Tomcat]
-pki_ajp_port=8009
-pki_clone=False
-pki_clone_pkcs12_path=
-pki_clone_replicate_schema=True
-pki_clone_replication_master_port=
-pki_clone_replication_clone_port=
-pki_clone_replication_security=None
-pki_clone_uri=
-pki_enable_java_debugger=False
-pki_enable_proxy=False
-pki_http_port=8080
-pki_https_port=8443
-pki_instance_name=master
-pki_proxy_http_port=80
-pki_proxy_https_port=443
-pki_security_manager=true
-pki_tomcat_server_port=8005
-###############################################################################
-## 'CA' Data: ##
-## ##
-## Values in this section are common to CA subsystems including 'PKI CAs', ##
-## 'Cloned CAs', 'Subordinate CAs', and 'External CAs', and contain ##
-## required information which MAY be overridden by users as necessary. ##
-## ##
-## EXTERNAL CAs: To specify an 'External CA', change the value ##
-## of 'pki_external' from 'False' to 'True'. ##
-## ##
-## SUBORDINATE CAs: To specify a 'Subordinate CA', change the value ##
-## of 'pki_subordinate' from 'False' to 'True'. ##
-## ##
-## REMINDER: PKI CA Clones, Subordinate CAs, and External CAs ##
-## are MUTUALLY EXCLUSIVE entities!!! ##
-###############################################################################
-[CA]
-pki_ca_signing_key_algorithm=SHA256withRSA
-pki_ca_signing_key_size=2048
-pki_ca_signing_key_type=rsa
-pki_ca_signing_nickname=
-pki_ca_signing_signing_algorithm=SHA256withRSA
-pki_ca_signing_subject_dn=
-pki_ca_signing_token=
-pki_external=False
-pki_external_ca_cert_chain_path=
-pki_external_ca_cert_path=
-pki_external_csr_path=
-pki_external_step_two=False
-pki_ocsp_signing_key_algorithm=SHA256withRSA
-pki_ocsp_signing_key_size=2048
-pki_ocsp_signing_key_type=rsa
-pki_ocsp_signing_nickname=
-pki_ocsp_signing_signing_algorithm=SHA256withRSA
-pki_ocsp_signing_subject_dn=
-pki_ocsp_signing_token=
-pki_subordinate=False
-pki_subsystem=CA
-pki_subsystem_name=
-###############################################################################
-## 'KRA' Data: ##
-## ##
-## Values in this section are common to KRA subsystems ##
-## including 'PKI KRAs' and 'Cloned KRAs', and contain ##
-## required information which MAY be overridden by users as necessary. ##
-###############################################################################
-[KRA]
-pki_storage_key_algorithm=SHA256withRSA
-pki_storage_key_size=2048
-pki_storage_key_type=rsa
-pki_storage_nickname=
-pki_storage_signing_algorithm=SHA256withRSA
-pki_storage_subject_dn=
-pki_storage_token=
-pki_subsystem=KRA
-pki_subsystem_name=
-pki_transport_key_algorithm=SHA256withRSA
-pki_transport_key_size=2048
-pki_transport_key_type=rsa
-pki_transport_nickname=
-pki_transport_signing_algorithm=SHA256withRSA
-pki_transport_subject_dn=
-pki_transport_token=
-###############################################################################
-## 'OCSP' Data: ##
-## ##
-## Values in this section are common to OCSP subsystems ##
-## including 'PKI OCSPs' and 'Cloned OCSPs', and contain ##
-## required information which MAY be overridden by users as necessary. ##
-###############################################################################
-[OCSP]
-pki_ocsp_signing_key_algorithm=SHA256withRSA
-pki_ocsp_signing_key_size=2048
-pki_ocsp_signing_key_type=rsa
-pki_ocsp_signing_nickname=
-pki_ocsp_signing_signing_algorithm=SHA256withRSA
-pki_ocsp_signing_subject_dn=
-pki_ocsp_signing_token=
-pki_subsystem=OCSP
-pki_subsystem_name=
-###############################################################################
-## 'RA' Data: ##
-## ##
-## Values in this section are common to PKI RA subsystems, and contain ##
-## required information which MAY be overridden by users as necessary. ##
-###############################################################################
-[RA]
-pki_subsystem=RA
-pki_subsystem_name=
-###############################################################################
-## 'TKS' Data: ##
-## ##
-## Values in this section are common to TKS subsystems ##
-## including 'PKI TKSs' and 'Cloned TKSs', and contain ##
-## required information which MAY be overridden by users as necessary. ##
-###############################################################################
-[TKS]
-pki_subsystem=TKS
-pki_subsystem_name=
-###############################################################################
-## 'TPS' Data: ##
-## ##
-## Values in this section are common to PKI TPS subsystems, and contain ##
-## required information which MAY be overridden by users as necessary. ##
-###############################################################################
-[TPS]
-pki_subsystem=TPS
-pki_subsystem_name=
+[KRA]
+pki_security_domain_https_port=443
+pki_security_domain_password=Secret123
+pki_security_domain_user=admin
+pki_enable_proxy = True
+pki_restart_configured_instance = False
+pki_backup_keys = True
+pki_backup_password = Secret123
+pki_client_database_dir = /tmp/tmp-ce2oQN
+pki_client_database_password = Secret123
+pki_client_database_purge = False
+pki_client_pkcs12_password = Secret123
+pki_admin_name = admin
+pki_admin_uid = admin
+pki_admin_email = root@localhost
+pki_admin_password = Secret123
+pki_admin_nickname = ipa-ca-agent
+pki_admin_subject_dn = cn=ipa-ca-agent,O=GREYOAK.COM
+pki_import_admin_cert=True
+pki_admin_cert_file=/root/.dogtag/pki-tomcat/ca_admin.cert
+pki_client_admin_cert_p12 = /root/ca-agent.p12
+pki_ds_ldap_port = 389
+pki_ds_password = Secret123
+pki_ds_base_dn = o=ipakra
+pki_ds_database = ipakra
+pki_storage_subject_dn=cn=DRM Storage Certificate,o=GREYOAK.COM
+pki_transport_subject_dn=cn=DRM Transport Certificate,o=GREYOAK.COM
+pki_subsystem_subject_dn = cn=DRM Subsystem,O=GREYOAK.COM
+pki_ssl_server_subject_dn = cn=dart.greyoak.com,O=GREYOAK.COM
+pki_audit_signing_subject_dn = cn=DRM Audit,O=GREYOAK.COM
+pki_subsystem_nickname = subsystemCert cert-pki-kra
+pki_ssl_server_nickname = Server-Cert cert-pki-ca
+pki_audit_signing_nickname = auditSigningCert cert-pki-kra
+pki_storage_nickname=storageCert cert-pki-kra
+pki_transport_nickname=transportCert cert-pki-kra
generated by cgit (git 2.34.1) at 2024-05-10 22:39:17 +0000