pki.git/base/deploy/src/scriptlets/pkihelper.py, branch ticket-501 Unnamed repository; edit this file 'description' to name the repository. Resolved Trac Ticket 367 - pkidestroy does not remove connector 2013-01-15T14:28:38+00:00 Ade Lee alee@redhat.com 2012-12-20T22:38:13+00:00 1cceecafb8050ec362a9c9568d36d52d3fe4117e * Added RESTful servlet to add/remove a KRA connector from the CA. * Modified ACL to allow KRA subsystem user to remove connector. * Modified connector code to allow the connector to be replaced without a server restart. * Added functionality to pki CLI to add/remove connector * Added code to pkidestroy to remove the connector (using both pki CLI and sslget) When the issues with pki connection are resolved, we will use that method instead. * Modified sslget to accept HTTP return codes != 200. In this case, we were returning 204 - which is perfectly legitimate. 
* Added RESTful servlet to add/remove a KRA connector from the CA.
* Modified ACL to allow KRA subsystem user to remove connector.
* Modified connector code to allow the connector to be replaced without a server restart.
* Added functionality to pki CLI to add/remove connector
* Added code to pkidestroy to remove the connector (using both pki CLI and sslget)
  When the issues with pki connection are resolved, we will use that method instead.
* Modified sslget to accept HTTP return codes != 200.  In this case, we were returning
  204 - which is perfectly legitimate.
pkispawn modified to not relabel when selinux is disabled 2012-12-19T05:05:38+00:00 Ade Lee alee@redhat.com 2012-12-18T19:25:13+00:00 c3fdb8ffc11938514d96760c9a62d619f90cbcca Ticket 393 
Ticket 393
Removed duplicate pki_instance_id parameter. 2012-12-19T02:37:27+00:00 Ade Lee alee@redhat.com 2012-12-12T20:03:09+00:00 b108353235bd40bf8f36004e6caee6be42578b15 Ticket 435 
Ticket 435
Parameterizing RESTEasy paths. 2012-12-07T02:23:11+00:00 Endi Sukma Dewata edewata@redhat.com 2012-12-06T18:06:14+00:00 9996d71e1a4fb7a8ca6752b83e4f2393dbefa76b The paths to RESTEasy jar files have been modified such that it can be configured globally at build time using the spec file to support different distributions, and at deployment time using a system-wide configuration in /etc/pki/pki.conf. Ticket #422, #423. 
The paths to RESTEasy jar files have been modified such that it can
be configured globally at build time using the spec file to support
different distributions, and at deployment time using a system-wide
configuration in /etc/pki/pki.conf.

Ticket #422, #423.
Implemented ability to utilize an external CA 2012-12-06T22:41:28+00:00 Matthew Harmsen mharmsen@redhat.com 2012-12-06T22:23:21+00:00 8d5eb937f99fd18398401f3f744eb85775293e23 * TRAC Ticket #231 - Dogtag 10: Update PKI Deployment to handle external CA 
* TRAC Ticket #231 - Dogtag 10: Update PKI Deployment to handle external CA
Archiving default deployment configuration. 2012-12-04T20:50:55+00:00 Endi Sukma Dewata edewata@redhat.com 2012-12-04T12:19:43+00:00 81bb209d0a3227f544b7b8e4ec3fc0631c8f3c47 The default deployment configuration has been renamed and moved to /etc/pki/default.cfg to make it more accessible to users. The pkispawn has been modified to archive the default deployment configuration along with the user-provided configuration in the registry. The pkidestroy will now use both archived configuration files to ensure proper removal of the subsystem. Ticket #399 
The default deployment configuration has been renamed and moved to
/etc/pki/default.cfg to make it more accessible to users. The pkispawn
has been modified to archive the default deployment configuration
along with the user-provided configuration in the registry. The
pkidestroy will now use both archived configuration files to ensure
proper removal of the subsystem.

Ticket #399
Reorganized sensitive parameters. 2012-11-30T21:02:48+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-28T14:27:16+00:00 5e93dc2ce2c26c43d3e2f7e9a40cbf08507a5ea6 Previously sensitive parameters are stored in the Sensitive section in the configuration file, separate from the hierarchical structure used by non-sensitive parameters. To allow defining multiple subsystems in a single configuration file the sensitive and non-sensitive parameters have been reorganized into the same hierarchical structure. To maintain the security a new meta-parameter has been added to list all sensitive parameter names. This way the deployment code will know whether a parameter is sensitive, which then will mask the value before displaying it to the screen or storing it in a log file. Ticket #399 
Previously sensitive parameters are stored in the Sensitive section in
the configuration file, separate from the hierarchical structure used
by non-sensitive parameters. To allow defining multiple subsystems in
a single configuration file the sensitive and non-sensitive parameters
have been reorganized into the same hierarchical structure.

To maintain the security a new meta-parameter has been added to list
all sensitive parameter names. This way the deployment code will know
whether a parameter is sensitive, which then will mask the value before
displaying it to the screen or storing it in a log file.

Ticket #399
Refactored pkiparser.py into PKIConfigParser. 2012-11-30T20:01:47+00:00 Endi Sukma Dewata edewata@redhat.com 2012-11-30T18:45:50+00:00 68751fb281477190cad960d2ef4fce2d15e00798 The code in pkiparser.py has been converted into PKIConfigParser class to facilitate further improvements. Ticket #399 
The code in pkiparser.py has been converted into PKIConfigParser
class to facilitate further improvements.

Ticket #399
Link to resteasy-base on rhel systems when running pkispawn 2012-11-21T05:04:32+00:00 Ade Lee alee@redhat.com 2012-11-21T04:34:32+00:00 40e58f937d49f1a0029a226ab714cb54f12a9239 






removed dry_run from pkispawn
2012-11-11T04:10:15+00:00

Ade Lee
alee@redhat.com

2012-11-09T17:31:40+00:00

318716f3425a1d818e0633453a1d27a68d2f7f5f

Ticket 411





Ticket 411