diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2012-07-19 01:04:54 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2012-07-19 10:17:18 -0700 |
commit | 5b004df074027d1eba33c2f9038030406830cc3c (patch) | |
tree | c14cfe0d4123d6fa704d9f837f37d1688c15bf5c /base/deploy/src/scriptlets/pkijython.py | |
parent | 3fcefc1b67e7afe0455267b3876d9e6ef47531cc (diff) | |
download | pki-5b004df074027d1eba33c2f9038030406830cc3c.tar.gz pki-5b004df074027d1eba33c2f9038030406830cc3c.tar.xz pki-5b004df074027d1eba33c2f9038030406830cc3c.zip |
PKI Deployment Scriptlets
* In 'catalina.properties', removed commented out jars
for each of the subsystems in the 'common.loader'
* In 'server.xml', removed the line containing a '1'
* Moved all parameters from the [Mandatory] and [Optional]
sections of the 'pkideployment.cfg' file to other more
appropriate sections (e.g. - [Common], [CA], [KRA], etc.),
and removed these sections and all of their associated
logic from the 'pki-deploy' package
* Resolved Dogtag TRAC Ticket #225
Dogtag 10: Move "pkispawn"/"pkidestroy" logs
* Removed all security domain references from
external CA logic
* Added new 'pki_subsystem_name' parameter to
'pkideployment.cfg' file, and applied logic
throughout 'pki-deploy'
* Added new error message in the case of an
unset DNS domain name, and replaced the
log message with a simple print in the
case of a 'domainname' exception
Diffstat (limited to 'base/deploy/src/scriptlets/pkijython.py')
-rw-r--r-- | base/deploy/src/scriptlets/pkijython.py | 23 |
1 files changed, 5 insertions, 18 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index 7856ba8c1..b55c9ecec 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -299,65 +299,52 @@ class rest_client: data.setPin(master['pki_one_time_pin']) data.setToken(ConfigurationData.TOKEN_DEFAULT) if master['pki_instance_type'] == "Tomcat": + data.setSubsystemName(master['pki_subsystem_name']) if master['pki_subsystem'] == "CA": if config.str2bool(master['pki_clone']): # Cloned CA data.setHierarchy("root") data.setIsClone("true") - data.setSubsystemName("Cloned CA Subsystem") elif config.str2bool(master['pki_external']): # External CA data.setHierarchy("join") data.setIsClone("false") - data.setSubsystemName("External CA Subsystem") elif config.str2bool(master['pki_subordinate']): # Subordinate CA data.setHierarchy("join") data.setIsClone("false") - data.setSubsystemName("Subordinate CA Subsystem") else: # PKI CA data.setHierarchy("root") data.setIsClone("false") - data.setSubsystemName("PKI CA Subsystem") elif master['pki_subsystem'] == "KRA": if config.str2bool(master['pki_clone']): # Cloned KRA data.setIsClone("true") - data.setSubsystemName("Cloned KRA Subsystem") else: # PKI KRA data.setIsClone("false") - data.setSubsystemName("PKI KRA Subsystem") elif master['pki_subsystem'] == "OCSP": if config.str2bool(master['pki_clone']): # Cloned OCSP data.setIsClone("true") - data.setSubsystemName("Cloned OCSP Subsystem") else: # PKI OCSP data.setIsClone("false") - data.setSubsystemName("PKI OCSP Subsystem") elif master['pki_subsystem'] == "TKS": if config.str2bool(master['pki_clone']): # Cloned TKS data.setIsClone("true") - data.setSubsystemName("Cloned TKS Subsystem") else: # PKI TKS data.setIsClone("false") - data.setSubsystemName("PKI TKS Subsystem") # Security Domain Information + # + # NOTE: External CA's DO NOT require a security domain if master['pki_instance_type'] == "Tomcat": if master['pki_subsystem'] == "CA": - if config.str2bool(master['pki_external']): - # External CA - data.setSecurityDomainType( - ConfigurationData.NEW_DOMAIN) - data.setSecurityDomainName( - master['pki_security_domain_name']) - elif not config.str2bool(master['pki_clone']) and\ - not config.str2bool(master['pki_subordinate']): + if not config.str2bool(master['pki_clone']) and\ + not config.str2bool(master['pki_subordinate']): # PKI CA data.setSecurityDomainType( ConfigurationData.NEW_DOMAIN) |