pki.git, branch ticket-403 Unnamed repository; edit this file 'description' to name the repository. Replaced links of scriptlets with lists. 2012-11-30T20:14:47+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-28T23:59:06+00:00 4d650eca1d326a1a2e64a03d2472f389a075786a Previously the deployment tools used symbolic links to determine the scriplets to execute and their order. The code has been changed such that now the scriplets are listed as parameters (spawn_scriplets and destroy_scriplets) in the configuration file. Ticket #403 
Previously the deployment tools used symbolic links to determine the
scriplets to execute and their order. The code has been changed such
that now the scriplets are listed as parameters (spawn_scriplets and
destroy_scriplets) in the configuration file.

Ticket #403
Simplified the configuration file using defaults. 2012-11-30T20:12:27+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-28T18:12:24+00:00 9c879d5feea84bb90faf77c0c68fd57325c5b5b5 Previously to create a subsystem the admin would have to copy the entire default deployment configuration, which contains many parameters, and then customize it. Now the deployment code has been changed such that the default config file will be used to provide the default values, so the admin will only need to provide the non-default parameters, thus reducing the size of the file. Sample configuration files are provided in /usr/share/pki/ deployment/config. Ticket #399 
Previously to create a subsystem the admin would have to copy the
entire default deployment configuration, which contains many
parameters, and then customize it. Now the deployment code has been
changed such that the default config file will be used to provide
the default values, so the admin will only need to provide the
non-default parameters, thus reducing the size of the file.

Sample configuration files are provided in /usr/share/pki/
deployment/config.

Ticket #399
Reorganized sensitive parameters. 2012-11-30T20:10:31+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-28T14:27:16+00:00 719478fd34077fcbf1b6c6ad201c36ff57983490 Previously sensitive parameters are stored in the Sensitive section in the configuration file, separate from the hierarchical structure used by non-sensitive parameters. To allow defining multiple subsystems in a single configuration file the sensitive and non-sensitive parameters have been reorganized into the same hierarchical structure. To maintain the security a new meta-parameter has been added to list all sensitive parameter names. This way the deployment code will know whether a parameter is sensitive, which then will mask the value before displaying it to the screen or storing it in a log file. Ticket #399 
Previously sensitive parameters are stored in the Sensitive section in
the configuration file, separate from the hierarchical structure used
by non-sensitive parameters. To allow defining multiple subsystems in
a single configuration file the sensitive and non-sensitive parameters
have been reorganized into the same hierarchical structure.

To maintain the security a new meta-parameter has been added to list
all sensitive parameter names. This way the deployment code will know
whether a parameter is sensitive, which then will mask the value before
displaying it to the screen or storing it in a log file.

Ticket #399
Fixed issuedOn parameters for cert-find. 2012-11-30T20:02:06+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-16T15:13:33+00:00 cef7a7704f9f4b48c0a9b242fabd3a919f2068d5 The CertSearchRequest has been modified to fix the infinite loop in getIssuedOnTo(). The CertFindCLI has been modified to accept dates with format YYYY-MM-DD instead of epoch time. Ticket #416 
The CertSearchRequest has been modified to fix the infinite loop
in getIssuedOnTo(). The CertFindCLI has been modified to accept
dates with format YYYY-MM-DD instead of epoch time.

Ticket #416
Fixed default security domain user. 2012-11-30T20:01:55+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-14T16:11:13+00:00 ba1e743ed6903d063543c817abe6543c8bae74ba The deployment code has been modified such that if the security domain user is not specified it will use the CA admin uid, or Common uid, if it is defined. Otherwise it will use the default "caadmin". Ticket #399 
The deployment code has been modified such that if the security
domain user is not specified it will use the CA admin uid, or
Common uid, if it is defined. Otherwise it will use the default
"caadmin".

Ticket #399
Refactored pkiparser.py into PKIConfigParser. 2012-11-30T20:01:47+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-30T18:45:50+00:00 68751fb281477190cad960d2ef4fce2d15e00798 The code in pkiparser.py has been converted into PKIConfigParser class to facilitate further improvements. Ticket #399 
The code in pkiparser.py has been converted into PKIConfigParser
class to facilitate further improvements.

Ticket #399
Fix for improper crl retrieval from CA. 2012-11-21T17:16:37+00:00 Abhishek Koneru akoneru@redhat.com 2012-11-20T02:20:37+00:00 066789642947768eceb024a4064af88efeed24b0 






Misc changes to get rhel 7 build to work
2012-11-21T15:47:50+00:00

Ade Lee
alee@redhat.com

2012-11-21T15:16:04+00:00

871b4423babc140d984d4b49aa380710cfcaf72a

1. Modified cmake dependency
2. Corrected conditionals in spec file
3. Added paths for resteasy-base
4. Added paths to policy for resteasy-base





1. Modified cmake dependency
2. Corrected conditionals in spec file
3. Added paths for resteasy-base
4. Added paths to policy for resteasy-base







Link to resteasy-base on rhel systems when running pkispawn
2012-11-21T05:04:32+00:00

Ade Lee
alee@redhat.com

2012-11-21T04:34:32+00:00

40e58f937d49f1a0029a226ab714cb54f12a9239












Removed obsolete cmake modules, updated spec files
2012-11-20T20:05:24+00:00

Ade Lee
alee@redhat.com

2012-11-20T19:15:36+00:00

96af71db61acac4adb3a1c8a73391467b3572a49