diff options
| author | Christina Fu <cfu@redhat.com> | 2017-04-28 17:55:17 -0700 |
|---|---|---|
| committer | Christina Fu <cfu@redhat.com> | 2017-04-28 19:56:09 -0700 |
| commit | 3ff9de6a517d7fdcdee6c4a8c884eff052f8f824 (patch) | |
| tree | 7ce6931f2bdec5413796d9e22b243542ef635239 /base/ca/shared/webapps | |
| parent | 9590944d5726ff32d94c6a2b2909175eae946466 (diff) | |
| download | pki-3ff9de6a517d7fdcdee6c4a8c884eff052f8f824.tar.gz pki-3ff9de6a517d7fdcdee6c4a8c884eff052f8f824.tar.xz pki-3ff9de6a517d7fdcdee6c4a8c884eff052f8f824.zip | |
Ticket #2717 CMC user-signed enrollment request
This patch provides implementation that allows user-signed CMC requests
to be processed; The resulting certificate will bear the same subjectDN
as that of the signing cert;
The new uri to access is /ca/ee/ca/profileSubmitUserSignedCMCFull
where the new profile is to be used: caFullCMCUserSignedCert.cfg
which utilizes the new authentication plugin: CMCUserSignedAuth
and new profile default plugin: CMCUserSignedSubjectNameDefault
and new profile constraint plugin: CMCUserSignedSubjectNameConstraint
Diffstat (limited to 'base/ca/shared/webapps')
| -rw-r--r-- | base/ca/shared/webapps/ca/WEB-INF/web.xml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/base/ca/shared/webapps/ca/WEB-INF/web.xml b/base/ca/shared/webapps/ca/WEB-INF/web.xml index bf8aed40f..dc61ab3b8 100644 --- a/base/ca/shared/webapps/ca/WEB-INF/web.xml +++ b/base/ca/shared/webapps/ca/WEB-INF/web.xml @@ -1553,6 +1553,29 @@ </servlet> <servlet> + <servlet-name> caProfileSubmitUserSignedCMCFull </servlet-name> + <servlet-class> com.netscape.cms.servlet.profile.ProfileSubmitCMCServlet </servlet-class> + <init-param><param-name> GetClientCert </param-name> + <param-value> false </param-value> </init-param> + <init-param><param-name> cert_request_type </param-name> + <param-value> cmc </param-value> </init-param> + <init-param><param-name> profileId </param-name> + <param-value> caFullCMCUserSignedCert </param-value> </init-param> + <init-param><param-name> AuthzMgr </param-name> + <param-value> BasicAclAuthz </param-value> </init-param> + <init-param><param-name> authorityId </param-name> + <param-value> ca </param-value> </init-param> + <init-param><param-name> ID </param-name> + <param-value> caProfileSubmitUserSignedCMCFull </param-value> </init-param> + <init-param><param-name> templatePath </param-name> + <param-value> /ee/ca/ProfileSubmit.template </param-value> </init-param> + <init-param><param-name> resourceID </param-name> + <param-value> certServer.ee.profile </param-value> </init-param> + <init-param><param-name> interface </param-name> + <param-value> ee </param-value> </init-param> + </servlet> + + <servlet> <servlet-name> caProfileList </servlet-name> <servlet-class> com.netscape.cms.servlet.profile.ProfileListServlet </servlet-class> <init-param><param-name> GetClientCert </param-name> @@ -2257,6 +2280,11 @@ </servlet-mapping> <servlet-mapping> + <servlet-name> caProfileSubmitUserSignedCMCFull </servlet-name> + <url-pattern> /ee/ca/profileSubmitUserSignedCMCFull </url-pattern> + </servlet-mapping> + + <servlet-mapping> <servlet-name> caProfileList </servlet-name> <url-pattern> /ee/ca/profileList </url-pattern> </servlet-mapping> |