diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-07-21 18:08:26 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-21 18:08:38 +0200 |
commit | 28c1241fbcc36cf3fdddd50d6978a1885145f713 (patch) | |
tree | a296afdbbac9864b50a451dbc6b285d66930f947 /scripts/kra-standalone-step2.sh | |
parent | d62ea0eca2a05a7059f071296250c63e9ea9b347 (diff) | |
download | pki-dev-28c1241fbcc36cf3fdddd50d6978a1885145f713.tar.gz pki-dev-28c1241fbcc36cf3fdddd50d6978a1885145f713.tar.xz pki-dev-28c1241fbcc36cf3fdddd50d6978a1885145f713.zip |
Added standalone KRA scripts.
Diffstat (limited to 'scripts/kra-standalone-step2.sh')
-rwxr-xr-x | scripts/kra-standalone-step2.sh | 53 |
1 files changed, 44 insertions, 9 deletions
diff --git a/scripts/kra-standalone-step2.sh b/scripts/kra-standalone-step2.sh index e58bbfe..e8fd709 100755 --- a/scripts/kra-standalone-step2.sh +++ b/scripts/kra-standalone-step2.sh @@ -1,15 +1,50 @@ #!/bin/sh -x -cp external_ca.cert /etc/pki/pki-tomcat +mkdir -p tmp # TODO: should not be required -cp external_ca_chain.cert /etc/pki/pki-tomcat +# cp tmp/ca_signing.crt tmp/cert_chain.p7b -cp kra_admin.cert /etc/pki/pki-tomcat -cp kra_transport.cert /etc/pki/pki-tomcat -cp kra_storage.cert /etc/pki/pki-tomcat -cp kra_sslserver.cert /etc/pki/pki-tomcat -cp kra_subsystem.cert /etc/pki/pki-tomcat -cp kra_audit_signing.cert /etc/pki/pki-tomcat +cat > tmp/kra-standalone-step2.cfg << EOF +[KRA] +pki_admin_email=kraadmin@example.com +pki_admin_name=kraadmin +pki_admin_nickname=kraadmin +pki_admin_password=Secret.123 +pki_admin_uid=kraadmin -pkispawn -v -f kra-standalone-step2.cfg -s KRA +#pki_backup_keys=True +#pki_backup_password=Secret.123 + +pki_client_database_password=Secret.123 +pki_client_database_purge=False +pki_client_pkcs12_password=Secret.123 + +pki_ds_base_dn=dc=kra,dc=pki,dc=example,dc=com +pki_ds_password=Secret.123 +pki_ds_database=kra + +pki_security_domain_name=EXAMPLE +pki_token_password=Secret.123 + +pki_standalone=True +pki_external_step_two=True + +pki_storage_nickname=storage +pki_transport_nickname=transport +pki_audit_signing_nickname=kra_audit_signing +pki_ssl_server_nickname=sslserver +pki_subsystem_nickname=subsystem +pki_cert_chain_nickname=external + +pki_external_ca_cert_chain_path=$PWD/tmp/cert_chain.p7b +pki_external_ca_cert_path=$PWD/tmp/ca_signing.crt +pki_external_admin_cert_path=$PWD/tmp/kra_admin.crt +pki_external_storage_cert_path=$PWD/tmp/kra_storage.crt +pki_external_transport_cert_path=$PWD/tmp/kra_transport.crt +pki_external_audit_signing_cert_path=$PWD/tmp/kra_audit_signing.crt +pki_external_sslserver_cert_path=$PWD/tmp/sslserver.crt +pki_external_subsystem_cert_path=$PWD/tmp/subsystem.crt +EOF + +pkispawn -v -f tmp/kra-standalone-step2.cfg -s KRA |