diff options
| author | Matthew Harmsen <mharmsen@redhat.com> | 2012-07-19 01:04:54 -0700 |
|---|---|---|
| committer | Matthew Harmsen <mharmsen@redhat.com> | 2012-07-19 10:17:18 -0700 |
| commit | 5b004df074027d1eba33c2f9038030406830cc3c (patch) | |
| tree | c14cfe0d4123d6fa704d9f837f37d1688c15bf5c /base/deploy/config | |
| parent | 3fcefc1b67e7afe0455267b3876d9e6ef47531cc (diff) | |
| download | pki-5b004df074027d1eba33c2f9038030406830cc3c.tar.gz pki-5b004df074027d1eba33c2f9038030406830cc3c.tar.xz pki-5b004df074027d1eba33c2f9038030406830cc3c.zip | |
PKI Deployment Scriptlets
* In 'catalina.properties', removed commented out jars
for each of the subsystems in the 'common.loader'
* In 'server.xml', removed the line containing a '1'
* Moved all parameters from the [Mandatory] and [Optional]
sections of the 'pkideployment.cfg' file to other more
appropriate sections (e.g. - [Common], [CA], [KRA], etc.),
and removed these sections and all of their associated
logic from the 'pki-deploy' package
* Resolved Dogtag TRAC Ticket #225
Dogtag 10: Move "pkispawn"/"pkidestroy" logs
* Removed all security domain references from
external CA logic
* Added new 'pki_subsystem_name' parameter to
'pkideployment.cfg' file, and applied logic
throughout 'pki-deploy'
* Added new error message in the case of an
unset DNS domain name, and replaced the
log message with a simple print in the
case of a 'domainname' exception
Diffstat (limited to 'base/deploy/config')
| -rw-r--r-- | base/deploy/config/pkideployment.cfg | 95 |
1 files changed, 46 insertions, 49 deletions
diff --git a/base/deploy/config/pkideployment.cfg b/base/deploy/config/pkideployment.cfg index a4513d712..fb04c85fa 100644 --- a/base/deploy/config/pkideployment.cfg +++ b/base/deploy/config/pkideployment.cfg @@ -15,85 +15,60 @@ pki_ds_password= pki_pkcs12_password= pki_security_domain_password= ############################################################################### -## 'Mandatory' Data: ## -## ## -## Values in this section pertain to various PKI subsystems, and contain ## -## required information which MUST ALWAYS be provided by users. ## -############################################################################### -[Mandatory] -############################################################################### -## 'Optional' Data: ## +## 'Common' Data: ## ## ## -## Values in this section pertain to various PKI subsystems, and contain ## -## required information which MAY OPTIONALLY be provided by users. ## +## Values in this section are common to more than one PKI subsystem, and ## +## contain required information which MAY be overridden by users as ## +## necessary. ## ## ## ## NOTE: Default values will be generated for any and all required ## -## 'optional' data values which are left undefined. ## -############################################################################### -[Optional] -pki_admin_domain_name= -pki_admin_email= -pki_admin_nickname= -pki_admin_subject_dn= -pki_audit_signing_nickname= -pki_audit_signing_subject_dn= -pki_audit_signing_token= -pki_backup_file= -pki_ca_signing_nickname= -pki_ca_signing_subject_dn= -pki_ca_signing_token= -pki_ds_base_dn= -pki_ds_database= -pki_ds_hostname= -pki_ocsp_signing_nickname= -pki_ocsp_signing_subject_dn= -pki_ocsp_signing_token= -pki_security_domain_hostname= -pki_security_domain_name= -pki_ssl_server_nickname= -pki_ssl_server_subject_dn= -pki_ssl_server_token= -pki_storage_nickname= -pki_storage_subject_dn= -pki_storage_token= -pki_subsystem_nickname= -pki_subsystem_subject_dn= -pki_subsystem_token= -pki_transport_nickname= -pki_transport_subject_dn= -pki_transport_token= -############################################################################### -## 'Common' Data: ## -## ## -## Values in this section are common to ALL PKI subsystems, and contain ## -## required information which MAY be overridden by users as necessary. ## +## 'common' data values which are left undefined. ## ############################################################################### [Common] pki_admin_cert_request_type=crmf +pki_admin_domain_name= pki_admin_dualkey=False +pki_admin_email= pki_admin_keysize=2048 pki_admin_name=admin +pki_admin_nickname= +pki_admin_subject_dn= pki_admin_uid=admin pki_audit_group=pkiaudit pki_audit_signing_key_algorithm=SHA256withRSA pki_audit_signing_key_size=2048 pki_audit_signing_key_type=rsa +pki_audit_signing_nickname= pki_audit_signing_signing_algorithm=SHA256withRSA +pki_audit_signing_subject_dn= +pki_audit_signing_token= +pki_backup_file= pki_backup_keys=False +pki_ds_base_dn= pki_ds_bind_dn=cn=Directory Manager +pki_ds_database= +pki_ds_hostname= pki_ds_http_port=389 pki_ds_https_port=636 pki_ds_remove_data=True pki_ds_secure_connection=False pki_group=pkiuser +pki_security_domain_hostname= pki_security_domain_https_port=8443 +pki_security_domain_name= pki_security_domain_user=admin pki_ssl_server_key_algorithm=SHA256withRSA pki_ssl_server_key_size=2048 pki_ssl_server_key_type=rsa +pki_ssl_server_nickname= +pki_ssl_server_subject_dn= +pki_ssl_server_token= pki_subsystem_key_algorithm=SHA256withRSA pki_subsystem_key_size=2048 pki_subsystem_key_type=rsa +pki_subsystem_nickname= +pki_subsystem_subject_dn= +pki_subsystem_token= pki_user=pkiuser ############################################################################### ## 'Apache' Data: ## @@ -152,14 +127,21 @@ pki_tomcat_server_port=8005 pki_ca_signing_key_algorithm=SHA256withRSA pki_ca_signing_key_size=2048 pki_ca_signing_key_type=rsa +pki_ca_signing_nickname= pki_ca_signing_signing_algorithm=SHA256withRSA +pki_ca_signing_subject_dn= +pki_ca_signing_token= pki_external=False pki_ocsp_signing_key_algorithm=SHA256withRSA pki_ocsp_signing_key_size=2048 pki_ocsp_signing_key_type=rsa +pki_ocsp_signing_nickname= pki_ocsp_signing_signing_algorithm=SHA256withRSA +pki_ocsp_signing_subject_dn= +pki_ocsp_signing_token= pki_subordinate=False pki_subsystem=CA +pki_subsystem_name= pki_war_name=ca.war ############################################################################### ## 'KRA' Data: ## @@ -172,12 +154,19 @@ pki_war_name=ca.war pki_storage_key_algorithm=SHA256withRSA pki_storage_key_size=2048 pki_storage_key_type=rsa +pki_storage_nickname= pki_storage_signing_algorithm=SHA256withRSA +pki_storage_subject_dn= +pki_storage_token= pki_subsystem=KRA +pki_subsystem_name= pki_transport_key_algorithm=SHA256withRSA pki_transport_key_size=2048 pki_transport_key_type=rsa +pki_transport_nickname= pki_transport_signing_algorithm=SHA256withRSA +pki_transport_subject_dn= +pki_transport_token= pki_war_name=kra.war ############################################################################### ## 'OCSP' Data: ## @@ -190,8 +179,13 @@ pki_war_name=kra.war pki_ocsp_signing_key_algorithm=SHA256withRSA pki_ocsp_signing_key_size=2048 pki_ocsp_signing_key_type=rsa +pki_ocsp_signing_nickname= pki_ocsp_signing_signing_algorithm=SHA256withRSA +pki_ocsp_signing_subject_dn= +pki_ocsp_signing_token= +pki_subordinate=False pki_subsystem=OCSP +pki_subsystem_name= pki_war_name=ocsp.war ############################################################################### ## 'RA' Data: ## @@ -201,6 +195,7 @@ pki_war_name=ocsp.war ############################################################################### [RA] pki_subsystem=RA +pki_subsystem_name= ############################################################################### ## 'TKS' Data: ## ## ## @@ -210,6 +205,7 @@ pki_subsystem=RA ############################################################################### [TKS] pki_subsystem=TKS +pki_subsystem_name= pki_war_name=tks.war ############################################################################### ## 'TPS' Data: ## @@ -219,3 +215,4 @@ pki_war_name=tks.war ############################################################################### [TPS] pki_subsystem=TPS +pki_subsystem_name= |