-rwxr-xr-x | scripts/ca-certs.sh | 2 | ||||
-rwxr-xr-x | scripts/ca-debug.sh | 4 | ||||
-rw-r--r-- | scripts/ca-merged.cfg.ipa | 35 | ||||
-rwxr-xr-x | scripts/ca-nuke.sh | 2 | ||||
-rwxr-xr-x | scripts/ca-remove.sh | 2 | ||||
-rwxr-xr-x | scripts/ca-run.sh | 2 | ||||
-rwxr-xr-x | scripts/ca-start.sh | 2 | ||||
-rwxr-xr-x | scripts/ca-stop.sh | 2 | ||||
-rwxr-xr-x | scripts/ca-test.sh | 2 | ||||
-rwxr-xr-x | scripts/ca-undebug.sh | 4 | ||||
-rw-r--r-- | scripts/ca.cfg | 4 | ||||
-rwxr-xr-x | scripts/dev-init.sh | 7 |
12 files changed, 52 insertions, 16 deletions
diff --git a/scripts/ca-certs.sh b/scripts/ca-certs.sh
index 4633ff2..730bbd9 100755
--- a/scripts/ca-certs.sh
+++ b/scripts/ca-certs.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 certutil -L -d /var/lib/pki/$INSTANCE_NAME/alias
diff --git a/scripts/ca-debug.sh b/scripts/ca-debug.sh
index 0839a42..fc8c67f 100755
--- a/scripts/ca-debug.sh
+++ b/scripts/ca-debug.sh
@@ -1,7 +1,7 @@
 #!/bin/sh -x
-INSTANCE_NAME=ca-master
-FILE=/etc/sysconfig/ca-master
+INSTANCE_NAME=pki-tomcat
+FILE=/etc/sysconfig/pki-tomcat
 # semanage port -a -t http_port_t -p tcp 8000
 sed 's/^#\(JAVA_OPTS="-Xdebug.*\)$/\1/' < $FILE > $FILE.tmp
diff --git a/scripts/ca-merged.cfg.ipa b/scripts/ca-merged.cfg.ipa
new file mode 100644
index 0000000..eb21d7e
--- /dev/null
+++ b/scripts/ca-merged.cfg.ipa
@@ -0,0 +1,35 @@
+[DEFAULT]
+#pki_skip_configuration=True
+
+[CA]
+pki_security_domain_name = IPA
+pki_enable_proxy = True
+pki_restart_configured_instance = False
+pki_backup_keys = True
+pki_backup_password = Secret123
+pki_client_database_dir = /tmp/tmp-VkH7xp
+pki_client_database_password = Secret123
+pki_client_database_purge = False
+pki_client_pkcs12_password = Secret123
+pki_admin_name = admin
+pki_admin_uid = admin
+pki_admin_email = root@localhost
+pki_admin_password = Secret123
+pki_admin_nickname = ipa-ca-agent
+pki_admin_subject_dn = cn=ipa-ca-agent,O=REDHAT.COM
+pki_client_admin_cert_p12 = /root/ca-agent.p12
+pki_ds_ldap_port = 389
+pki_ds_password = Secret123
+pki_ds_base_dn = o=ipaca
+pki_ds_database = ipaca
+pki_subsystem_subject_dn = cn=CA Subsystem,O=REDHAT.COM
+pki_ocsp_signing_subject_dn = cn=OCSP Subsystem,O=REDHAT.COM
+pki_ssl_server_subject_dn = cn=vm-117.idm.lab.bos.redhat.com,O=REDHAT.COM
+pki_audit_signing_subject_dn = cn=CA Audit,O=REDHAT.COM
+pki_ca_signing_subject_dn = cn=Certificate Authority,O=REDHAT.COM
+pki_subsystem_nickname = subsystemCert cert-pki-ca
+pki_ocsp_signing_nickname = ocspSigningCert cert-pki-ca
+pki_ssl_server_nickname = Server-Cert cert-pki-ca
+pki_audit_signing_nickname = auditSigningCert cert-pki-ca
+pki_ca_signing_nickname = caSigningCert cert-pki-ca
+
diff --git a/scripts/ca-nuke.sh b/scripts/ca-nuke.sh
index db3dbca..b19afc3 100755
--- a/scripts/ca-nuke.sh
+++ b/scripts/ca-nuke.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 ./nuke.sh $INSTANCE_NAME
diff --git a/scripts/ca-remove.sh b/scripts/ca-remove.sh
index 438f8dd..2f5640b 100755
--- a/scripts/ca-remove.sh
+++ b/scripts/ca-remove.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 SRC_DIR=`cd ../.. ; pwd`
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 pkidestroy -v -s CA -i $INSTANCE_NAME
diff --git a/scripts/ca-run.sh b/scripts/ca-run.sh
index 105f5c4..3a5d5e0 100755
--- a/scripts/ca-run.sh
+++ b/scripts/ca-run.sh
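Review bot: The new scripts/ca-merged.cfg.ipa commits working credentials in clear text: `pki_admin_password`, `pki_ds_password`, `pki_backup_password`, `pki_client_database_password` and `pki_client_pkcs12_password` are all `Secret123`. With `pki_backup_keys = True`, the key backup this deployment produces is presumably protected only by that published value. `pki_client_database_dir = /tmp/tmp-VkH7xp` together with `pki_client_database_purge = False` leaves the client NSS database at a fixed path under the shared /tmp directory, and `pki_ssl_server_subject_dn` carries a lab hostname. I would open the file with a comment such as `# Development sample only: replace every password and the client database path before use`, and point the database directory at a root-only location instead of /tmp.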
@@ -1,6 +1,6 @@
 #!/bin/sh -x
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 java -agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n -classpath :/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar -Dcatalina.base=/var/lib/pki/$INSTANCE_NAME -Dcatalina.home=/usr/share/tomcat -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/lib/pki/$INSTANCE_NAME/temp org.apache.catalina.startup.Bootstrap start
diff --git a/scripts/ca-start.sh b/scripts/ca-start.sh
index 677b8e7..33f7a5f 100755
--- a/scripts/ca-start.sh
+++ b/scripts/ca-start.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 systemctl start pki-tomcatd@$INSTANCE_NAME.service
diff --git a/scripts/ca-stop.sh b/scripts/ca-stop.sh
index 66fd9f0..a21c1e6 100755
--- a/scripts/ca-stop.sh
+++ b/scripts/ca-stop.sh
@@ -1,5 +1,5 @@
 #!/bin/sh -x
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 systemctl stop pki-tomcatd@$INSTANCE_NAME.service
diff --git a/scripts/ca-test.sh b/scripts/ca-test.sh
index 7acb08f..031c718 100755
--- a/scripts/ca-test.sh
+++ b/scripts/ca-test.sh
@@ -2,7 +2,7 @@
 SRC_DIR=`cd ../.. ; pwd`
-INSTANCE_NAME=ca-master
+INSTANCE_NAME=pki-tomcat
 CLIENT_CERT_DIR=/var/lib/pki/$INSTANCE_NAME/ca/certs
 SERVER_CERT_DIR=/var/lib/pki/$INSTANCE_NAME/alias
 CERT_NAME="caSigningCert cert-${INSTANCE_NAME}"
diff --git a/scripts/ca-undebug.sh b/scripts/ca-undebug.sh
index db7bd5d..4182085 100755
--- a/scripts/ca-undebug.sh
+++ b/scripts/ca-undebug.sh
@@ -1,7 +1,7 @@
 #!/bin/sh -x
-INSTANCE_NAME=ca-master
-FILE=/etc/sysconfig/ca-master
+INSTANCE_NAME=pki-tomcat
+FILE=/etc/sysconfig/pki-tomcat
 # semanage port -d -t http_port_t -p tcp 8000
 sed 's/^\(JAVA_OPTS="-Xdebug.*\)$/#\1/' < $FILE > $FILE.tmp
diff --git a/scripts/ca.cfg b/scripts/ca.cfg
index 83b19bf..5ac1dab 100644
--- a/scripts/ca.cfg
+++ b/scripts/ca.cfg
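Review bot: ca-run.sh still starts the JVM with `-agentlib:jdwp=transport=dt_socket,address=8000,server=y,suspend=n`, and this hunk points that launch at the `pki-tomcat` instance. JDWP has no authentication, and a debugger attached to it can execute code inside the CA process; on the Java 7 runtime that dev-init.sh installs, a bare port in `address=` listens on every interface. I would bind it to loopback with `address=127.0.0.1:8000` and add a comment that the script is for local debugging only. The `JAVA_OPTS="-Xdebug...` line that ca-debug.sh uncomments deserves the same check; its value is not visible in this diff.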
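Review bot: `CERT_NAME="caSigningCert cert-${INSTANCE_NAME}"` in ca-test.sh is derived from the value this hunk changes, so it now expands to `caSigningCert cert-pki-tomcat`. The ca-merged.cfg.ipa added in the same commit sets `pki_ca_signing_nickname = caSigningCert cert-pki-ca`, so a test run against that deployment may look up a nickname that does not exist. It is worth checking the real nickname in the `certutil -L` listing that ca-certs.sh prints and, if it differs, setting CERT_NAME independently of INSTANCE_NAME. The rest of ca-test.sh lies outside the hunk.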
@@ -1,6 +1,6 @@
 [DEFAULT]
-pki_instance_name=ca-master
-#pki_skip_configuration=True
+pki_skip_installation=False
+pki_skip_configuration=False
 [CA]
 pki_admin_email=caadmin@example.com
diff --git a/scripts/dev-init.sh b/scripts/dev-init.sh
index 65157cd..af6ea87 100755
--- a/scripts/dev-init.sh
+++ b/scripts/dev-init.sh
@@ -1,7 +1,7 @@
 #!/bin/sh -x
-useradd dirsrv
-useradd pkiuser
+useradd dirsrv -d /usr/share/dirsrv
+useradd pkiuser -d /usr/share/pki
 yum install -y\
 git\
@@ -27,7 +27,7 @@ yum install -y\
 xalan-j2\
 xerces-j2\
 selinux-policy-devel\
- 389-ds\
+ 389-ds-base\
 java-1.7.0-openjdk\
 junit\
 jss\
@@ -38,6 +38,7 @@ yum install -y\
 perl-File-Slurp\
 perl-XML-LibXML\
 perl-Crypt-SSLeay\
+ python-ldap\
 python-lxml\
 python-nss\
 freeipa-python\
|
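Review bot: The two new `useradd` lines in dev-init.sh create the service accounts as ordinary login users: there is no `-r` and no `-s /sbin/nologin`, and `-d` points at /usr/share/dirsrv and /usr/share/pki. Where login.defs enables CREATE_HOME, useradd creates those directories owned by the account, so anything the packages later install there sits in a directory the daemon user can write to. I would use `useradd -r -M -s /sbin/nologin -d /usr/share/pki pkiuser` and the equivalent line for dirsrv.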