Updated CA scripts.

12 files changed, 52 insertions, 16 deletions

diff --git a/scripts/ca-certs.sh b/scripts/ca-certs.sh
index 4633ff2..730bbd9 100755
--- a/scripts/ca-certs.sh
+++ b/scripts/ca-certs.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
 
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 
 certutil -L -d /var/lib/pki/$INSTANCE_NAME/alias
diff --git a/scripts/ca-debug.sh b/scripts/ca-debug.sh
index 0839a42..fc8c67f 100755
--- a/scripts/ca-debug.sh
+++ b/scripts/ca-debug.sh
@@ -1,7 +1,7 @@
 #!/bin/sh -x
 
-INSTANCE_NAME=ca-master
-FILE=/etc/sysconfig/ca-master
+INSTANCE_NAME=pki-tomcat
+FILE=/etc/sysconfig/pki-tomcat
 
 # semanage port -a -t http_port_t -p tcp 8000
 sed 's/^#\(JAVA_OPTS="-Xdebug.*\)$/\1/' < $FILE > $FILE.tmp
diff --git a/scripts/ca-merged.cfg.ipa b/scripts/ca-merged.cfg.ipa
new file mode 100644
index 0000000..eb21d7e
--- /dev/null
+++ b/scripts/ca-merged.cfg.ipa
@@ -0,0 +1,35 @@
+[DEFAULT]
+#pki_skip_configuration=True
+
+[CA]
+pki_security_domain_name = IPA
+pki_enable_proxy = True
+pki_restart_configured_instance = False
+pki_backup_keys = True
+pki_backup_password = Secret123
+pki_client_database_dir = /tmp/tmp-VkH7xp
+pki_client_database_password = Secret123
+pki_client_database_purge = False
+pki_client_pkcs12_password = Secret123
+pki_admin_name = admin
+pki_admin_uid = admin
+pki_admin_email = root@localhost
+pki_admin_password = Secret123
+pki_admin_nickname = ipa-ca-agent
+pki_admin_subject_dn = cn=ipa-ca-agent,O=REDHAT.COM
+pki_client_admin_cert_p12 = /root/ca-agent.p12
+pki_ds_ldap_port = 389
+pki_ds_password = Secret123
+pki_ds_base_dn = o=ipaca
+pki_ds_database = ipaca
+pki_subsystem_subject_dn = cn=CA Subsystem,O=REDHAT.COM
+pki_ocsp_signing_subject_dn = cn=OCSP Subsystem,O=REDHAT.COM
+pki_ssl_server_subject_dn = cn=vm-117.idm.lab.bos.redhat.com,O=REDHAT.COM
+pki_audit_signing_subject_dn = cn=CA Audit,O=REDHAT.COM
+pki_ca_signing_subject_dn = cn=Certificate Authority,O=REDHAT.COM
+pki_subsystem_nickname = subsystemCert cert-pki-ca
+pki_ocsp_signing_nickname = ocspSigningCert cert-pki-ca
+pki_ssl_server_nickname = Server-Cert cert-pki-ca
+pki_audit_signing_nickname = auditSigningCert cert-pki-ca
+pki_ca_signing_nickname = caSigningCert cert-pki-ca
+
diff --git a/scripts/ca-nuke.sh b/scripts/ca-nuke.sh
index db3dbca..b19afc3 100755
--- a/scripts/ca-nuke.sh
+++ b/scripts/ca-nuke.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
 
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 
 ./nuke.sh $INSTANCE_NAME
diff --git a/scripts/ca-remove.sh b/scripts/ca-remove.sh
index 438f8dd..2f5640b 100755
--- a/scripts/ca-remove.sh
+++ b/scripts/ca-remove.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 
 SRC_DIR=`cd ../.. ; pwd`
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 
 pkidestroy -v -s CA -i $INSTANCE_NAME
diff --git a/scripts/ca-run.sh b/scripts/ca-run.sh
index 105f5c4..3a5d5e0 100755
--- a/scripts/ca-run.sh
+++ b/scripts/ca-run.sh
@@ -1,6 +1,6 @@
 #!/bin/sh -x
 
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 
 java -agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n -classpath :/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar -Dcatalina.base=/var/lib/pki/$INSTANCE_NAME -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/lib/pki/$INSTANCE_NAME/temp org.apache.catalina.startup.Bootstrap start
 
diff --git a/scripts/ca-start.sh b/scripts/ca-start.sh
index 677b8e7..33f7a5f 100755
--- a/scripts/ca-start.sh
+++ b/scripts/ca-start.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
 
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 
 systemctl start pki-tomcatd@$INSTANCE_NAME.service
diff --git a/scripts/ca-stop.sh b/scripts/ca-stop.sh
index 66fd9f0..a21c1e6 100755
--- a/scripts/ca-stop.sh
+++ b/scripts/ca-stop.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
 
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 
 systemctl stop pki-tomcatd@$INSTANCE_NAME.service
diff --git a/scripts/ca-test.sh b/scripts/ca-test.sh
index 7acb08f..031c718 100755
--- a/scripts/ca-test.sh
+++ b/scripts/ca-test.sh
@@ -2,7 +2,7 @@
 
 SRC_DIR=`cd ../.. ; pwd`
 
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 CLIENT_CERT_DIR=/var/lib/pki/$INSTANCE_NAME/ca/certs
 SERVER_CERT_DIR=/var/lib/pki/$INSTANCE_NAME/alias
 CERT_NAME="caSigningCert cert-${INSTANCE_NAME}"
diff --git a/scripts/ca-undebug.sh b/scripts/ca-undebug.sh
index db7bd5d..4182085 100755
--- a/scripts/ca-undebug.sh
+++ b/scripts/ca-undebug.sh
@@ -1,7 +1,7 @@
 #!/bin/sh -x
 
-INSTANCE_NAME=ca-master
-FILE=/etc/sysconfig/ca-master
+INSTANCE_NAME=pki-tomcat
+FILE=/etc/sysconfig/pki-tomcat
 
 # semanage port -d -t http_port_t -p tcp 8000
 sed 's/^\(JAVA_OPTS="-Xdebug.*\)$/#\1/' < $FILE > $FILE.tmp
diff --git a/scripts/ca.cfg b/scripts/ca.cfg
index 83b19bf..5ac1dab 100644
--- a/scripts/ca.cfg
+++ b/scripts/ca.cfg
@@ -1,6 +1,6 @@
 [DEFAULT]
-pki_instance_name=ca-master
-#pki_skip_configuration=True
+pki_skip_installation=False
+pki_skip_configuration=False
 
 [CA]
 pki_admin_email=caadmin@example.com
diff --git a/scripts/dev-init.sh b/scripts/dev-init.sh
index 65157cd..af6ea87 100755
--- a/scripts/dev-init.sh
+++ b/scripts/dev-init.sh
@@ -1,7 +1,7 @@
 #!/bin/sh -x
 
-useradd dirsrv
-useradd pkiuser
+useradd dirsrv -d /usr/share/dirsrv
+useradd pkiuser -d /usr/share/pki
 
 yum install -y\
 	git\
@@ -27,7 +27,7 @@ yum install -y\
 	xalan-j2\
 	xerces-j2\
 	selinux-policy-devel\
-	389-ds\
+	389-ds-base\
 	java-1.7.0-openjdk\
 	junit\
 	jss\
@@ -38,6 +38,7 @@ yum install -y\
 	perl-File-Slurp\
 	perl-XML-LibXML\
 	perl-Crypt-SSLeay\
+	python-ldap\
 	python-lxml\
 	python-nss\
 	freeipa-python\