diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2013-05-20 22:59:15 -0400 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2013-05-30 12:00:36 -0400 |
commit | d78d7442be02b6b83d9dad3fc089fa9f9d8ceb48 (patch) | |
tree | 27816db3b38935f4e4c05bdfd5f347fd7ec4669e /base/ca | |
parent | 1d53a9dd567f395bcaf65376be9f6c3319ba51ce (diff) | |
download | pki-d78d7442be02b6b83d9dad3fc089fa9f9d8ceb48.tar.gz pki-d78d7442be02b6b83d9dad3fc089fa9f9d8ceb48.tar.xz pki-d78d7442be02b6b83d9dad3fc089fa9f9d8ceb48.zip |
Renamed SERVER_NAME and PKI_MACHINE_NAME into PKI_HOSTNAME.
The SERVER_NAME and PKI_MACHINE_NAME variables have been renamed
into PKI_HOSTNAME for consistency.
Diffstat (limited to 'base/ca')
-rw-r--r-- | base/ca/shared/conf/CS.cfg.in | 16 | ||||
-rw-r--r-- | base/ca/shared/conf/proxy.conf | 16 | ||||
-rw-r--r-- | base/ca/shared/conf/server.xml | 14 | ||||
-rw-r--r-- | base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template | 2 |
4 files changed, 24 insertions, 24 deletions
diff --git a/base/ca/shared/conf/CS.cfg.in b/base/ca/shared/conf/CS.cfg.in index 1316e9b23..61e1ac4ff 100644 --- a/base/ca/shared/conf/CS.cfg.in +++ b/base/ca/shared/conf/CS.cfg.in @@ -33,17 +33,17 @@ authType=pwd admin.interface.uri=ca/admin/console/config/wizard ee.interface.uri=ca/ee/ca agent.interface.uri=ca/agent/ca -preop.securitydomain.admin_url=https://[PKI_MACHINE_NAME]:9445 +preop.securitydomain.admin_url=https://[PKI_HOSTNAME]:9445 securitydomain.checkIP=false securitydomain.flushinterval=86400000 securitydomain.source=ldap securitydomain.checkinterval=300000 instanceRoot=[PKI_INSTANCE_PATH] configurationRoot=/[PKI_SUBSYSTEM_DIR]conf/ -machineName=[PKI_MACHINE_NAME] +machineName=[PKI_HOSTNAME] instanceId=[PKI_INSTANCE_ID] pidDir=[PKI_PIDDIR] -service.machineName=[PKI_MACHINE_NAME] +service.machineName=[PKI_HOSTNAME] service.instanceDir=[PKI_INSTANCE_ROOT] service.securePort=[PKI_AGENT_SECURE_PORT] service.non_clientauth_securePort=[PKI_EE_SECURE_PORT] @@ -101,7 +101,7 @@ preop.cert.ocsp_signing.type=local preop.cert.ocsp_signing.userfriendlyname=OCSP Signing Certificate preop.cert.ocsp_signing.cncomponent.override=true preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA -preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME] +preop.cert.sslserver.dn=CN=[PKI_HOSTNAME] preop.cert.sslserver.keysize.custom_size=2048 preop.cert.sslserver.keysize.size=2048 preop.cert.sslserver.nickname=Server-Cert cert-[PKI_INSTANCE_ID] @@ -140,7 +140,7 @@ preop.configModules.module2.imagePath=/pki/images/clearpixel.gif preop.configModules.count=3 preop.module.token=Internal Key Storage Token preop.name.caDN=CN=Certificate Authority -preop.name.sslDN=CN=[PKI_MACHINE_NAME] +preop.name.sslDN=CN=[PKI_HOSTNAME] preop.name.ocspDN=CN=OCSP Signing Certificate preop.name.subsystemDN=CN=CA Subsystem Certificate preop.name.canickname=caSigningCert cert-[PKI_INSTANCE_ID] @@ -287,7 +287,7 @@ ca.Policy.impl.SubjectDirectoryAttributesExt.class=com.netscape.cms.policy.exten ca.Policy.impl.SubjectKeyIdentifierExt.class=com.netscape.cms.policy.extensions.SubjectKeyIdentifierExt ca.Policy.impl.UniqueSubjectNameConstraints.class=com.netscape.cms.policy.constraints.UniqueSubjectNameConstraints ca.Policy.impl.ValidityConstraints.class=com.netscape.cms.policy.constraints.ValidityConstraints -ca.Policy.rule.AuthInfoAccessExt.ad0_location=http://[PKI_MACHINE_NAME]:8080/ocsp +ca.Policy.rule.AuthInfoAccessExt.ad0_location=http://[PKI_HOSTNAME]:8080/ocsp ca.Policy.rule.AuthInfoAccessExt.ad0_location_type=URL ca.Policy.rule.AuthInfoAccessExt.ad0_method=ocsp ca.Policy.rule.AuthInfoAccessExt.enable=false @@ -753,12 +753,12 @@ cmsgateway._013=## (4) Type: 'service [PKI_INSTANCE_ID] start' cmsgateway._014=## (5) Launch a browser and re-enroll for cmsgateway._015=## a new Admin Certificate by typing: cmsgateway._016=## -cmsgateway._017=## https://[PKI_MACHINE_NAME]:[PKI_ADMIN_SECURE_PORT]/ca/admin/ca/adminEnroll.html +cmsgateway._017=## https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca/admin/ca/adminEnroll.html cmsgateway._018=## cmsgateway._019=## (6) Verify that the browser contains the new cmsgateway._020=## Admin Certificate by successfully navigating to: cmsgateway._021=## -cmsgateway._022=## https://[PKI_MACHINE_NAME]:[PKI_AGENT_SECURE_PORT]/ca/agent/ca/ +cmsgateway._022=## https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/ca/agent/ca/ cmsgateway._023=## cmsgateway._024=## (7) Optionally, disable the Certificate Policies Framework cmsgateway._025=## by following steps (1) - (4), but ONLY resetting diff --git a/base/ca/shared/conf/proxy.conf b/base/ca/shared/conf/proxy.conf index 663ba5722..9f57c63a4 100644 --- a/base/ca/shared/conf/proxy.conf +++ b/base/ca/shared/conf/proxy.conf @@ -4,31 +4,31 @@ ProxyRequests Off <LocationMatch "^/ca/ee/*|^/ca/renewal|^/ca/certbasedenrollment|^/ca/ocsp|^/ca/enrollment|^/ca/profileSubmit|^/ca/cgi-bin/pkiclient.exe"> NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate NSSVerifyClient none - ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ - ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassMatch ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ </LocationMatch> # matches for admin port <LocationMatch "^/ca/admin/*|^/ca/auths|^/ca/acl|^/ca/server|^/ca/caadmin|^/ca/caprofile|^/ca/jobsScheduler|^/ca/capublisher|^/ca/log|^/ca/ug"> NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate NSSVerifyClient none - ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ - ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassMatch ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ </LocationMatch> # matches for agent port and eeca port <LocationMatch "^/ca/agent/*|^/ca/ca/getCertFromRequest|^/ca/ca/GetBySerial|^/ca/ca/connector|/ca/ca/displayCertFromRequest|^/ca/doRevoke|^/ca/eeca/*"> NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate NSSVerifyClient require - ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ - ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassMatch ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ </LocationMatch> # static content <LocationMatch "^/graphics/*"> NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate NSSVerifyClient none - ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ - ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassMatch ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_HOSTNAME]:[PKI_AJP_PORT]/ </LocationMatch> diff --git a/base/ca/shared/conf/server.xml b/base/ca/shared/conf/server.xml index 1ae2decea..2ccdb4d40 100644 --- a/base/ca/shared/conf/server.xml +++ b/base/ca/shared/conf/server.xml @@ -27,12 +27,12 @@ <!-- DO NOT REMOVE - Begin PKI Status Definitions --> <!-- -Unsecure Port = http://[PKI_MACHINE_NAME]:[PKI_UNSECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/ee/[PKI_SUBSYSTEM_TYPE] -Secure Agent Port = https://[PKI_MACHINE_NAME]:[PKI_AGENT_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/agent/[PKI_SUBSYSTEM_TYPE] -Secure EE Port = https://[PKI_MACHINE_NAME]:[PKI_EE_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/ee/[PKI_SUBSYSTEM_TYPE] -Secure Admin Port = https://[PKI_MACHINE_NAME]:[PKI_ADMIN_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/services -EE Client Auth Port = https://[PKI_MACHINE_NAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT]/[PKI_SUBSYSTEM_TYPE]/eeca/[PKI_SUBSYSTEM_TYPE] -PKI Console Port = pkiconsole https://[PKI_MACHINE_NAME]:[PKI_ADMIN_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE] +Unsecure Port = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/ee/[PKI_SUBSYSTEM_TYPE] +Secure Agent Port = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/agent/[PKI_SUBSYSTEM_TYPE] +Secure EE Port = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/ee/[PKI_SUBSYSTEM_TYPE] +Secure Admin Port = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE]/services +EE Client Auth Port = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT]/[PKI_SUBSYSTEM_TYPE]/eeca/[PKI_SUBSYSTEM_TYPE] +PKI Console Port = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/[PKI_SUBSYSTEM_TYPE] Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) --> <!-- DO NOT REMOVE - End PKI Status Definitions --> @@ -123,7 +123,7 @@ Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) enableLookups="false" disableUploadTimeout="true" SSLImplementation="org.apache.tomcat.util.net.jss.JSSImplementation" enableOCSP="false" - ocspResponderURL="http://[PKI_MACHINE_NAME]:9080/ca/ocsp" + ocspResponderURL="http://[PKI_HOSTNAME]:9080/ca/ocsp" ocspResponderCertNickname="ocspSigningCert cert-pki-ca" ocspCacheSize="1000" ocspMinCacheEntryDuration="60" diff --git a/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template b/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template index bcb047dbf..18ef7c2f6 100644 --- a/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template +++ b/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template @@ -345,7 +345,7 @@ function setCRMFRequest() var uri = 'profileSubmit'; if (typeof(authName) != "undefined") { if (authIsSSLClientRequired == 'true') { - uri = 'https://[PKI_MACHINE_NAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT_UI]/[PKI_SUBSYSTEM_TYPE]/eeca/[PKI_SUBSYSTEM_TYPE]/profileSubmitSSLClient'; + uri = 'https://[PKI_HOSTNAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT_UI]/[PKI_SUBSYSTEM_TYPE]/eeca/[PKI_SUBSYSTEM_TYPE]/profileSubmitSSLClient'; } } if (navigator.appName == "Microsoft Internet Explorer") { |