diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-12-01 17:20:47 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-12-01 17:20:47 +0000 |
commit | 5ef22989a67da780f246e1799fe51c026ab9c995 (patch) | |
tree | 48505f614b9462320c9c397822ccb3f65f191555 | |
parent | f57b58f45f5e0528c894645fb8d4ff6206ee73b5 (diff) | |
download | pki-5ef22989a67da780f246e1799fe51c026ab9c995.tar.gz pki-5ef22989a67da780f246e1799fe51c026ab9c995.tar.xz pki-5ef22989a67da780f246e1799fe51c026ab9c995.zip |
Bug 642357 - CC Feature- Self-Test plugins only check for validity (missing CS.cfg changes)
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1596 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
-rw-r--r-- | pki/base/ca/shared/conf/CS.cfg | 13 | ||||
-rw-r--r-- | pki/base/kra/shared/conf/CS.cfg | 11 | ||||
-rw-r--r-- | pki/base/ocsp/shared/conf/CS.cfg | 13 | ||||
-rw-r--r-- | pki/base/tks/shared/conf/CS.cfg | 13 | ||||
-rw-r--r-- | pki/base/tps/doc/CS.cfg | 6 |
5 files changed, 49 insertions, 7 deletions
diff --git a/pki/base/ca/shared/conf/CS.cfg b/pki/base/ca/shared/conf/CS.cfg index 463859a98..8eab9d87f 100644 --- a/pki/base/ca/shared/conf/CS.cfg +++ b/pki/base/ca/shared/conf/CS.cfg @@ -45,6 +45,7 @@ preop.admin.name=Certificate System Administrator preop.admin.group=Certificate Manager Agents preop.admincert.profile=caAdminCert preop.pin=[PKI_RANDOM_NUMBER] +ca.cert.list=signing,ocsp_signing,sslserver,subsystem,audit_signing preop.cert.list=signing,ocsp_signing,sslserver,subsystem,audit_signing preop.cert.signing.enable=true preop.cert.ocsp_signing.enable=true @@ -1021,8 +1022,15 @@ request.assignee.enable=true selftests._000=## selftests._001=## Self Tests selftests._002=## +selftests._003=## The Self-Test plugin SystemCertsVerification uses the +selftests._004=## following parameters (where certusage is optional): +selftests._005=## ca.cert.list = <list of cert tag names deliminated by ","> +selftests._006=## ca.cert.<cert tag name>.nickname +selftests._007=## ca.cert.<cert tag name>.certusage +selftests._008=## selftests.container.instance.CAPresence=com.netscape.cms.selftests.ca.CAPresence selftests.container.instance.CAValidity=com.netscape.cms.selftests.ca.CAValidity +selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification selftests.container.logger.bufferSize=512 selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile selftests.container.logger.enable=true @@ -1034,10 +1042,11 @@ selftests.container.logger.maxFileSize=2000 selftests.container.logger.register=false selftests.container.logger.rolloverInterval=2592000 selftests.container.logger.type=transaction -selftests.container.order.onDemand=CAPresence:critical, CAValidity:critical -selftests.container.order.startup=CAPresence:critical, CAValidity:critical +selftests.container.order.onDemand=CAPresence:critical, SystemCertsVerification:critical, CAValidity:critical +selftests.container.order.startup=CAPresence:critical, SystemCertsVerification:critical selftests.plugin.CAPresence.CaSubId=ca selftests.plugin.CAValidity.CaSubId=ca +selftests.plugin.SystemCertsVerification.SubId=ca smtp.host=localhost smtp.port=25 subsystem.0.class=com.netscape.ca.CertificateAuthority diff --git a/pki/base/kra/shared/conf/CS.cfg b/pki/base/kra/shared/conf/CS.cfg index e3b5966a6..69a33d570 100644 --- a/pki/base/kra/shared/conf/CS.cfg +++ b/pki/base/kra/shared/conf/CS.cfg @@ -35,6 +35,7 @@ preop.admin.name=Data Recovery Manager Administrator preop.admin.group=Data Recovery Manager Agents preop.admincert.profile=caAdminCert preop.pin=[PKI_RANDOM_NUMBER] +kra.cert.list=transport,storage,sslserver,subsystem,audit_signing preop.cert.list=transport,storage,sslserver,subsystem,audit_signing preop.cert.transport.enable=true preop.cert.storage.enable=true @@ -325,7 +326,14 @@ registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg selftests._000=## selftests._001=## Self Tests selftests._002=## +selftests._003=## The Self-Test plugin SystemCertsVerification uses the +selftests._004=## following parameters (where certusage is optional): +selftests._005=## kra.cert.list = <list of cert tag names deliminated by ","> +selftests._006=## kra.cert.<cert tag name>.nickname +selftests._007=## kra.cert.<cert tag name>.certusage +selftests._008=## selftests.container.instance.KRAPresence=com.netscape.cms.selftests.kra.KRAPresence +selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification selftests.container.logger.bufferSize=512 selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile selftests.container.logger.enable=true @@ -338,8 +346,9 @@ selftests.container.logger.register=false selftests.container.logger.rolloverInterval=2592000 selftests.container.logger.type=transaction selftests.container.order.onDemand=KRAPresence:critical -selftests.container.order.startup= +selftests.container.order.startup=SystemCertsVerification:critical selftests.plugin.KRAPresence.SubId=kra +selftests.plugin.SystemCertsVerification.SubId=kra smtp.host=localhost smtp.port=25 subsystem.0.class=com.netscape.kra.KeyRecoveryAuthority diff --git a/pki/base/ocsp/shared/conf/CS.cfg b/pki/base/ocsp/shared/conf/CS.cfg index 89bd35c3b..79b045ee6 100644 --- a/pki/base/ocsp/shared/conf/CS.cfg +++ b/pki/base/ocsp/shared/conf/CS.cfg @@ -39,6 +39,7 @@ preop.configModules.module2.commonName=lunasa preop.configModules.module2.imagePath=../img/clearpixel.gif preop.configModules.count=3 preop.module.token=Internal Key Storage Token +ocsp.cert.list=signing,sslserver,subsystem,audit_signing preop.cert.list=signing,sslserver,subsystem,audit_signing preop.cert.ocsp_signing.enable=true preop.cert.sslserver.enable=true @@ -279,8 +280,15 @@ registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg selftests._000=## selftests._001=## Self Tests selftests._002=## +selftests._003=## The Self-Test plugin SystemCertsVerification uses the +selftests._004=## following parameters (where certusage is optional): +selftests._005=## ocsp.cert.list = <list of cert tag names deliminated by ","> +selftests._006=## ocsp.cert.<cert tag name>.nickname +selftests._007=## ocsp.cert.<cert tag name>.certusage +selftests._008=## selftests.container.instance.OCSPPresence=com.netscape.cms.selftests.ocsp.OCSPPresence selftests.container.instance.OCSPValidity=com.netscape.cms.selftests.ocsp.OCSPValidity +selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification selftests.container.logger.bufferSize=512 selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile selftests.container.logger.enable=true @@ -292,10 +300,11 @@ selftests.container.logger.maxFileSize=2000 selftests.container.logger.register=false selftests.container.logger.rolloverInterval=2592000 selftests.container.logger.type=transaction -selftests.container.order.onDemand=OCSPPresence:critical, OCSPValidity:critical -selftests.container.order.startup=OCSPPresence:critical, OCSPValidity:critical +selftests.container.order.onDemand=OCSPPresence:critical, SystemCertsVerification:critical, OCSPValidity:critical +selftests.container.order.startup=OCSPPresence:critical, SystemCertsVerification:critical selftests.plugin.OCSPPresence.OcspSubId=ocsp selftests.plugin.OCSPValidity.OcspSubId=ocsp +selftests.plugin.SystemCertsVerification.SubId=ocsp smtp.host=localhost smtp.port=25 subsystem.0.class=com.netscape.ocsp.OCSPAuthority diff --git a/pki/base/tks/shared/conf/CS.cfg b/pki/base/tks/shared/conf/CS.cfg index d9e3580a1..158166316 100644 --- a/pki/base/tks/shared/conf/CS.cfg +++ b/pki/base/tks/shared/conf/CS.cfg @@ -30,6 +30,7 @@ preop.system.name=TKS preop.product.name=CS preop.product.version= preop.system.fullname=Token Key Service +tks.cert.list=sslserver,subsystem,audit_signing preop.cert.list=sslserver,subsystem,audit_signing preop.cert.sslserver.enable=true preop.cert.subsystem.enable=true @@ -267,7 +268,14 @@ registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg selftests._000=## selftests._001=## Self Tests selftests._002=## +selftests._003=## The Self-Test plugin SystemCertsVerification uses the +selftests._004=## following parameters (where certusage is optional): +selftests._005=## tks.cert.list = <list of cert tag names deliminated by ","> +selftests._006=## tks.cert.<cert tag name>.nickname +selftests._007=## tks.cert.<cert tag name>.certusage +selftests._008=## selftests.container.instance.TKSKnownSessionKey=com.netscape.cms.selftests.tks.TKSKnownSessionKey +selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification selftests.container.logger.bufferSize=512 selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile selftests.container.logger.enable=true @@ -279,8 +287,8 @@ selftests.container.logger.maxFileSize=2000 selftests.container.logger.register=false selftests.container.logger.rolloverInterval=2592000 selftests.container.logger.type=transaction -selftests.container.order.onDemand=TKSKnownSessionKey:critical -selftests.container.order.startup=TKSKnownSessionKey:critical +selftests.container.order.onDemand=TKSKnownSessionKey:critical, SystemCertsVerification:critical +selftests.container.order.startup=TKSKnownSessionKey:critical, SystemCertsVerification:critical selftests.plugin.TKSKnownSessionKey.CUID=#a0#01#92#03#04#05#06#07#08#c9 selftests.plugin.TKSKnownSessionKey.TksSubId=tks selftests.plugin.TKSKnownSessionKey.cardChallenge=#bd#6d#19#85#6e#54#0f#cd @@ -290,6 +298,7 @@ selftests.plugin.TKSKnownSessionKey.macKey=#40#41#42#43#44#45#46#47#48#49#4a#4b# selftests.plugin.TKSKnownSessionKey.sessionKey=#d1#be#b8#26#dc#56#20#25#8c#93#e7#de#f0#ab#4f#5b selftests.plugin.TKSKnownSessionKey.token=Internal Key Storage Token selftests.plugin.TKSKnownSessionKey.useSoftToken=true +selftests.plugin.SystemCertsVerification.SubId=tks smtp.host=localhost smtp.port=25 subsystem.0.class=com.netscape.tks.TKSAuthority diff --git a/pki/base/tps/doc/CS.cfg b/pki/base/tps/doc/CS.cfg index b03846361..3750c6da0 100644 --- a/pki/base/tps/doc/CS.cfg +++ b/pki/base/tps/doc/CS.cfg @@ -31,6 +31,12 @@ cs.type=TPS selftests._000=## selftests._001=## Self Tests selftests._002=## +selftests._003=## The Self-Test plugin TPSSystemCertsVerification uses the +selftests._004=## following parameters (where certusage is optional): +selftests._005=## tps.cert.list = <list of cert tag names deliminated by ","> +selftests._006=## tps.cert.<cert tag name>.nickname +selftests._007=## tps.cert.<cert tag name>.certusage +selftests._008=## selftests.container.logger.enable=true selftests.container.logger.expirationTime=0 selftests.container.logger.file.type=RollingLogFile |