Removed unnecessary pki folder.

Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.

Ticket #131

9 files changed, 4683 insertions, 0 deletions

diff --git a/base/tps/apache/LICENSE-2.0 b/base/tps/apache/LICENSE-2.0
new file mode 100644
index 000000000..7b69c6227
--- /dev/null
+++ b/base/tps/apache/LICENSE-2.0
@@ -0,0 +1,678 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+
+
+APACHE HTTP SERVER SUBCOMPONENTS: 
+
+The Apache HTTP Server includes a number of subcomponents with
+separate copyright notices and license terms. Your use of the source
+code for the these subcomponents is subject to the terms and
+conditions of the following licenses. 
+
+For the mod_mime_magic component:
+
+/*
+ * mod_mime_magic: MIME type lookup via file magic numbers
+ * Copyright (c) 1996-1997 Cisco Systems, Inc.
+ *
+ * This software was submitted by Cisco Systems to the Apache Group in July
+ * 1997.  Future revisions and derivatives of this source code must
+ * acknowledge Cisco Systems as the original contributor of this module.
+ * All other licensing and usage conditions are those of the Apache Group.
+ *
+ * Some of this code is derived from the free version of the file command
+ * originally posted to comp.sources.unix.  Copyright info for that program
+ * is included below as required.
+ * ---------------------------------------------------------------------------
+ * - Copyright (c) Ian F. Darwin, 1987. Written by Ian F. Darwin.
+ *
+ * This software is not subject to any license of the American Telephone and
+ * Telegraph Company or of the Regents of the University of California.
+ *
+ * Permission is granted to anyone to use this software for any purpose on any
+ * computer system, and to alter it and redistribute it freely, subject to
+ * the following restrictions:
+ *
+ * 1. The author is not responsible for the consequences of use of this
+ * software, no matter how awful, even if they arise from flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission.  Since few users ever read sources, credits
+ * must appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software.  Since few users ever read
+ * sources, credits must appear in the documentation.
+ *
+ * 4. This notice may not be removed or altered.
+ * -------------------------------------------------------------------------
+ *
+ */
+
+
+For the  modules\mappers\mod_imap.c component:
+
+  "macmartinized" polygon code copyright 1992 by Eric Haines, erich@eye.com
+
+For the  server\util_md5.c component:
+
+/************************************************************************
+ * NCSA HTTPd Server
+ * Software Development Group
+ * National Center for Supercomputing Applications
+ * University of Illinois at Urbana-Champaign
+ * 605 E. Springfield, Champaign, IL 61820
+ * httpd@ncsa.uiuc.edu
+ *
+ * Copyright  (C)  1995, Board of Trustees of the University of Illinois
+ *
+ ************************************************************************
+ *
+ * md5.c: NCSA HTTPd code which uses the md5c.c RSA Code
+ *
+ *  Original Code Copyright (C) 1994, Jeff Hostetler, Spyglass, Inc.
+ *  Portions of Content-MD5 code Copyright (C) 1993, 1994 by Carnegie Mellon
+ *     University (see Copyright below).
+ *  Portions of Content-MD5 code Copyright (C) 1991 Bell Communications 
+ *     Research, Inc. (Bellcore) (see Copyright below).
+ *  Portions extracted from mpack, John G. Myers - jgm+@cmu.edu
+ *  Content-MD5 Code contributed by Martin Hamilton (martin@net.lut.ac.uk)
+ *
+ */
+
+
+/* these portions extracted from mpack, John G. Myers - jgm+@cmu.edu */
+/* (C) Copyright 1993,1994 by Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify, distribute, and sell this software
+ * and its documentation for any purpose is hereby granted without
+ * fee, provided that the above copyright notice appear in all copies
+ * and that both that copyright notice and this permission notice
+ * appear in supporting documentation, and that the name of Carnegie
+ * Mellon University not be used in advertising or publicity
+ * pertaining to distribution of the software without specific,
+ * written prior permission.  Carnegie Mellon University makes no
+ * representations about the suitability of this software for any
+ * purpose.  It is provided "as is" without express or implied
+ * warranty.
+ *
+ * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
+ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
+ * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
+ */
+
+/*
+ * Copyright (c) 1991 Bell Communications Research, Inc. (Bellcore)
+ *
+ * Permission to use, copy, modify, and distribute this material
+ * for any purpose and without fee is hereby granted, provided
+ * that the above copyright notice and this permission notice
+ * appear in all copies, and that the name of Bellcore not be
+ * used in advertising or publicity pertaining to this
+ * material without the specific, prior written permission
+ * of an authorized representative of Bellcore.  BELLCORE
+ * MAKES NO REPRESENTATIONS ABOUT THE ACCURACY OR SUITABILITY
+ * OF THIS MATERIAL FOR ANY PURPOSE.  IT IS PROVIDED "AS IS",
+ * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES.  
+ */
+
+For the  srclib\apr\include\apr_md5.h component: 
+/*
+ * This is work is derived from material Copyright RSA Data Security, Inc.
+ *
+ * The RSA copyright statement and Licence for that original material is
+ * included below. This is followed by the Apache copyright statement and
+ * licence for the modifications made to that material.
+ */
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+   rights reserved.
+
+   License to copy and use this software is granted provided that it
+   is identified as the "RSA Data Security, Inc. MD5 Message-Digest
+   Algorithm" in all material mentioning or referencing this software
+   or this function.
+
+   License is also granted to make and use derivative works provided
+   that such works are identified as "derived from the RSA Data
+   Security, Inc. MD5 Message-Digest Algorithm" in all material
+   mentioning or referencing the derived work.
+
+   RSA Data Security, Inc. makes no representations concerning either
+   the merchantability of this software or the suitability of this
+   software for any particular purpose. It is provided "as is"
+   without express or implied warranty of any kind.
+
+   These notices must be retained in any copies of any part of this
+   documentation and/or software.
+ */
+
+For the  srclib\apr\passwd\apr_md5.c component:
+
+/*
+ * This is work is derived from material Copyright RSA Data Security, Inc.
+ *
+ * The RSA copyright statement and Licence for that original material is
+ * included below. This is followed by the Apache copyright statement and
+ * licence for the modifications made to that material.
+ */
+
+/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
+ */
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+   rights reserved.
+
+   License to copy and use this software is granted provided that it
+   is identified as the "RSA Data Security, Inc. MD5 Message-Digest
+   Algorithm" in all material mentioning or referencing this software
+   or this function.
+
+   License is also granted to make and use derivative works provided
+   that such works are identified as "derived from the RSA Data
+   Security, Inc. MD5 Message-Digest Algorithm" in all material
+   mentioning or referencing the derived work.
+
+   RSA Data Security, Inc. makes no representations concerning either
+   the merchantability of this software or the suitability of this
+   software for any particular purpose. It is provided "as is"
+   without express or implied warranty of any kind.
+
+   These notices must be retained in any copies of any part of this
+   documentation and/or software.
+ */
+/*
+ * The apr_md5_encode() routine uses much code obtained from the FreeBSD 3.0
+ * MD5 crypt() function, which is licenced as follows:
+ * ----------------------------------------------------------------------------
+ * "THE BEER-WARE LICENSE" (Revision 42):
+ * <phk@login.dknet.dk> wrote this file.  As long as you retain this notice you
+ * can do whatever you want with this stuff. If we meet some day, and you think
+ * this stuff is worth it, you can buy me a beer in return.  Poul-Henning Kamp
+ * ----------------------------------------------------------------------------
+ */
+
+For the srclib\apr-util\crypto\apr_md4.c component:
+
+ * This is derived from material copyright RSA Data Security, Inc.
+ * Their notice is reproduced below in its entirety.
+ *
+ * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+ * rights reserved.
+ *
+ * License to copy and use this software is granted provided that it
+ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest
+ * Algorithm" in all material mentioning or referencing this software
+ * or this function.
+ *
+ * License is also granted to make and use derivative works provided
+ * that such works are identified as "derived from the RSA Data
+ * Security, Inc. MD4 Message-Digest Algorithm" in all material
+ * mentioning or referencing the derived work.
+ *
+ * RSA Data Security, Inc. makes no representations concerning either
+ * the merchantability of this software or the suitability of this
+ * software for any particular purpose. It is provided "as is"
+ * without express or implied warranty of any kind.
+ *
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software.
+ */
+
+For the srclib\apr-util\include\apr_md4.h component:
+
+ *
+ * This is derived from material copyright RSA Data Security, Inc.
+ * Their notice is reproduced below in its entirety.
+ *
+ * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+ * rights reserved.
+ *
+ * License to copy and use this software is granted provided that it
+ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest
+ * Algorithm" in all material mentioning or referencing this software
+ * or this function.
+ *
+ * License is also granted to make and use derivative works provided
+ * that such works are identified as "derived from the RSA Data
+ * Security, Inc. MD4 Message-Digest Algorithm" in all material
+ * mentioning or referencing the derived work.
+ *
+ * RSA Data Security, Inc. makes no representations concerning either
+ * the merchantability of this software or the suitability of this
+ * software for any particular purpose. It is provided "as is"
+ * without express or implied warranty of any kind.
+ *
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software.
+ */
+
+
+For the srclib\apr-util\test\testdbm.c component:
+
+/* ====================================================================
+ * The Apache Software License, Version 1.1
+ *
+ * Copyright (c) 2000-2002 The Apache Software Foundation.  All rights
+ * reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. The end-user documentation included with the redistribution,
+ *    if any, must include the following acknowledgment:
+ *       "This product includes software developed by the
+ *        Apache Software Foundation (http://www.apache.org/)."
+ *    Alternately, this acknowledgment may appear in the software itself,
+ *    if and wherever such third-party acknowledgments normally appear.
+ *
+ * 4. The names "Apache" and "Apache Software Foundation" must
+ *    not be used to endorse or promote products derived from this
+ *    software without prior written permission. For written
+ *    permission, please contact apache@apache.org.
+ *
+ * 5. Products derived from this software may not be called "Apache",
+ *    nor may "Apache" appear in their name, without prior written
+ *    permission of the Apache Software Foundation.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation.  For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ * This file came from the SDBM package (written by oz@nexus.yorku.ca).
+ * That package was under public domain. This file has been ported to
+ * APR, updated to ANSI C and other, newer idioms, and added to the Apache
+ * codebase under the above copyright and license.
+ */
+
+
+For the srclib\apr-util\test\testmd4.c component:
+
+ *
+ * This is derived from material copyright RSA Data Security, Inc.
+ * Their notice is reproduced below in its entirety.
+ *
+ * Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All
+ * rights reserved.
+ *
+ * RSA Data Security, Inc. makes no representations concerning either
+ * the merchantability of this software or the suitability of this
+ * software for any particular purpose. It is provided "as is"
+ * without express or implied warranty of any kind.
+ *
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software.
+ */
+
+For the srclib\apr-util\xml\expat\conftools\install-sh component:
+
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission.  M.I.T. makes no representations about the
+# suitability of this software for any purpose.  It is provided "as is"
+# without express or implied warranty.
+#
+
+For the srclib\pcre\install-sh component:
+
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission.  M.I.T. makes no representations about the
+# suitability of this software for any purpose.  It is provided "as is"
+# without express or implied warranty.
+
+For the pcre component:
+
+PCRE LICENCE
+------------
+
+PCRE is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language.
+
+Written by: Philip Hazel <ph10@cam.ac.uk>
+
+University of Cambridge Computing Service,
+Cambridge, England. Phone: +44 1223 334714.
+
+Copyright (c) 1997-2001 University of Cambridge
+
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission. In practice, this means that if you use
+   PCRE in software which you distribute to others, commercially or
+   otherwise, you must put a sentence like this
+
+     Regular expression support is provided by the PCRE library package,
+     which is open source software, written by Philip Hazel, and copyright
+     by the University of Cambridge, England.
+
+   somewhere reasonably visible in your documentation and in any relevant
+   files or online help data or similar. A reference to the ftp site for
+   the source, that is, to
+
+     ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
+
+   should also be given in the documentation.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), or Lesser General Purpose Licence (LGPL),
+   then the terms of that licence shall supersede any condition above with
+   which it is incompatible.
+
+The documentation for PCRE, supplied in the "doc" directory, is distributed
+under the same terms as the software itself.
+
+End PCRE LICENCE
+
+
+For the test\zb.c component:
+
+/*                          ZeusBench V1.01
+			    ===============
+
+This program is Copyright (C) Zeus Technology Limited 1996.
+
+This program may be used and copied freely providing this copyright notice
+is not removed.
+
+This software is provided "as is" and any express or implied waranties, 
+including but not limited to, the implied warranties of merchantability and
+fitness for a particular purpose are disclaimed.  In no event shall 
+Zeus Technology Ltd. be liable for any direct, indirect, incidental, special, 
+exemplary, or consequential damaged (including, but not limited to, 
+procurement of substitute good or services; loss of use, data, or profits;
+or business interruption) however caused and on theory of liability.  Whether
+in contract, strict liability or tort (including negligence or otherwise) 
+arising in any way out of the use of this software, even if advised of the
+possibility of such damage.
+
+     Written by Adam Twiss (adam@zeus.co.uk).  March 1996
+
+Thanks to the following people for their input:
+  Mike Belshe (mbelshe@netscape.com) 
+  Michael Campanella (campanella@stevms.enet.dec.com)
+
+*/
+
+For the expat xml parser component:
+
+Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd
+                               and Clark Cooper
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+	
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+	
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+====================================================================
diff --git a/base/tps/apache/conf/httpd.conf b/base/tps/apache/conf/httpd.conf
new file mode 100644
index 000000000..878a4e655
--- /dev/null
+++ b/base/tps/apache/conf/httpd.conf
@@ -0,0 +1,1085 @@
+#
+# Based upon the NCSA server configuration files originally by Rob McCool.
+#
+# This is the main Apache server configuration file.  It contains the
+# configuration directives that give the server its instructions.
+# See <URL:http://httpd.apache.org/docs-2.0/> for detailed information about
+# the directives.
+#
+# Do NOT simply read the instructions in here without understanding
+# what they do.  They're here only as hints or reminders.  If you are unsure
+# consult the online docs. You have been warned.  
+#
+# The configuration directives are grouped into three basic sections:
+#  1. Directives that control the operation of the Apache server process as a
+#     whole (the 'global environment').
+#  2. Directives that define the parameters of the 'main' or 'default' server,
+#     which responds to requests that aren't handled by a virtual host.
+#     These directives also provide default values for the settings
+#     of all virtual hosts.
+#  3. Settings for virtual hosts, which allow Web requests to be sent to
+#     different IP addresses or hostnames and have them handled by the
+#     same Apache server process.
+#
+# Configuration and logfile names: If the filenames you specify for many
+# of the server's control files begin with "/" (or "drive:/" for Win32), the
+# server will use that explicit path.  If the filenames do *not* begin
+# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
+# with ServerRoot set to "/export/apache" will be interpreted by the
+# server as "/export/apache/logs/foo.log".
+#
+
+### Section 1: Global Environment
+#
+# The directives in this section affect the overall operation of Apache,
+# such as the number of concurrent requests it can handle or where it
+# can find its configuration files.
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE!  If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the LockFile documentation (available
+# at <URL:http://httpd.apache.org/docs-2.0/mod/mpm_common.html#lockfile>);
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+ServerRoot "[SERVER_ROOT]"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+<IfModule !mpm_winnt.c>
+<IfModule !mpm_netware.c>
+#LockFile logs/accept.lock
+</IfModule>
+</IfModule>
+
+#
+# ScoreBoardFile: File used to store internal server process information.
+# If unspecified (the default), the scoreboard will be stored in an
+# anonymous shared memory segment, and will be unavailable to third-party
+# applications.
+# If specified, ensure that no two invocations of Apache share the same
+# scoreboard file. The scoreboard file MUST BE STORED ON A LOCAL DISK.
+#
+<IfModule !mpm_netware.c>
+<IfModule !perchild.c>
+#ScoreBoardFile logs/apache_runtime_status
+</IfModule>
+</IfModule>
+
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+#
+<IfModule !mpm_netware.c>
+PidFile run/[PKI_INSTANCE_ID].pid
+</IfModule>
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 15
+
+##
+## Server-Pool Size Regulation (MPM specific)
+## 
+
+# prefork MPM
+# StartServers: number of server processes to start
+# MinSpareServers: minimum number of server processes which are kept spare
+# MaxSpareServers: maximum number of server processes which are kept spare
+# MaxClients: maximum number of server processes allowed to start
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule prefork.c>
+StartServers         5
+MinSpareServers      5
+MaxSpareServers     10
+MaxClients         150
+MaxRequestsPerChild  0
+</IfModule>
+
+# worker MPM
+# StartServers: initial number of server processes to start
+# MaxClients: maximum number of simultaneous client connections
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule worker.c>
+ServerLimit          1
+StartServers         1
+MaxClients          64
+MinSpareThreads     1
+MaxSpareThreads     75 
+ThreadsPerChild     64
+MaxRequestsPerChild  0
+</IfModule>
+
+# perchild MPM
+# NumServers: constant number of server processes
+# StartThreads: initial number of worker threads in each server process
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# MaxThreadsPerChild: maximum number of worker threads in each server process
+# MaxRequestsPerChild: maximum number of connections per server process
+<IfModule perchild.c>
+NumServers           5
+StartThreads         5
+MinSpareThreads      5
+MaxSpareThreads     10
+MaxThreadsPerChild  20
+MaxRequestsPerChild  0
+</IfModule>
+
+# WinNT MPM
+# ThreadsPerChild: constant number of worker threads in the server process
+# MaxRequestsPerChild: maximum  number of requests a server process serves
+<IfModule mpm_winnt.c>
+ThreadsPerChild 250
+MaxRequestsPerChild  0
+</IfModule>
+
+# BeOS MPM
+# StartThreads: how many threads do we initially spawn?
+# MaxClients:   max number of threads we can have (1 thread == 1 client)
+# MaxRequestsPerThread: maximum number of requests each thread will process
+<IfModule beos.c>
+StartThreads               10
+MaxClients                 50
+MaxRequestsPerThread       10000
+</IfModule>    
+
+# NetWare MPM
+# ThreadStackSize: Stack size allocated for each worker thread
+# StartThreads: Number of worker threads launched at server startup
+# MinSpareThreads: Minimum number of idle threads, to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads
+# MaxThreads: Maximum number of worker threads alive at the same time
+# MaxRequestsPerChild: Maximum  number of requests a thread serves. It is 
+#                      recommended that the default value of 0 be set for this
+#                      directive on NetWare.  This will allow the thread to 
+#                      continue to service requests indefinitely.                          
+<IfModule mpm_netware.c>
+ThreadStackSize      65536
+StartThreads           250
+MinSpareThreads         25
+MaxSpareThreads        250
+MaxThreads            1000
+MaxRequestsPerChild      0
+MaxMemFree             100
+</IfModule>
+
+# OS/2 MPM
+# StartServers: Number of server processes to maintain
+# MinSpareThreads: Minimum number of idle threads per process, 
+#                  to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads per process
+# MaxRequestsPerChild: Maximum number of connections per server process
+<IfModule mpmt_os2.c>
+StartServers           2
+MinSpareThreads        5
+MaxSpareThreads       10
+MaxRequestsPerChild    0
+</IfModule>
+
+#
+# Listen: Allows you to bind Apache to specific IP addresses and/or
+# ports, instead of the default. See also the <VirtualHost>
+# directive.
+#
+# Change this to Listen on specific IP addresses as shown below to 
+# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
+#
+#Listen 12.34.56.78:80
+
+Listen [PORT]
+
+#
+# Dynamic Shared Object (DSO) Support
+#
+# To be able to use the functionality of a module which was built as a DSO you
+# have to place corresponding `LoadModule' lines at this location so the
+# directives contained in it are actually available _before_ they are used.
+# Statically compiled modules (those listed by `httpd -l') do not need
+# to be loaded here.
+#
+# Example:
+# LoadModule foo_module modules/mod_foo.so
+#
+
+# Required modules for command 'Order':
+[FORTITUDE_AUTH_MODULES]
+# Required module for command 'UserDir':
+LoadModule userdir_module [FORTITUDE_LIB_DIR]/modules/mod_userdir.so
+# Required module for command 'DirectoryIndex':
+LoadModule dir_module [FORTITUDE_LIB_DIR]/modules/mod_dir.so
+# Required module for command 'TypesConfig':
+LoadModule mime_module [FORTITUDE_LIB_DIR]/modules/mod_mime.so
+# Required module for command 'LogFormat':
+LoadModule log_config_module [FORTITUDE_LIB_DIR]/modules/mod_log_config.so
+# Required module for command 'Alias':
+LoadModule alias_module [FORTITUDE_LIB_DIR]/modules/mod_alias.so
+# Required module for command 'SetEnvIf':
+LoadModule setenvif_module [FORTITUDE_LIB_DIR]/modules/mod_setenvif.so
+# Required module for command 'IndexOptions':
+LoadModule autoindex_module [FORTITUDE_LIB_DIR]/modules/mod_autoindex.so
+# Required module for command 'LanguagePriority':
+LoadModule negotiation_module [FORTITUDE_LIB_DIR]/modules/mod_negotiation.so
+# Required module for command 'CGI Scripts':
+LoadModule cgi_module [FORTITUDE_LIB_DIR]/modules/mod_cgi.so
+# Required module for commands in nss.conf:
+[FORTITUDE_NSS_MODULES]
+# Required module for command 'TPSConfigPathFile':
+LoadModule tps_module         [FORTITUDE_MODULE]/mod_tps.so
+# Required module for command 'TokendbConfigPathFile':
+LoadModule tokendb_module     [FORTITUDE_MODULE]/mod_tokendb.so
+
+<Location /nk_service>
+    SetHandler nk_service
+</Location>
+
+<Location /tus>
+    SetHandler tus
+</Location>
+
+#
+# Load config files from the config directory "/etc/[PKI_INSTANCE_ID]/conf.d".
+#
+#Include conf.d/*.conf
+Include [SERVER_ROOT]/conf/perl.conf
+
+#
+# ExtendedStatus controls whether Apache will generate "full" status
+# information (ExtendedStatus On) or just basic information (ExtendedStatus
+# Off) when the "server-status" handler is called. The default is Off.
+#
+#ExtendedStatus On
+
+### Section 2: 'Main' server configuration
+#
+# The directives in this section set up the values used by the 'main'
+# server, which responds to any requests that aren't handled by a
+# <VirtualHost> definition.  These values also provide defaults for
+# any <VirtualHost> containers you may define later in the file.
+#
+# All of these directives may appear inside <VirtualHost> containers,
+# in which case these default settings will be overridden for the
+# virtual host being defined.
+#
+
+<IfModule !mpm_winnt.c>
+<IfModule !mpm_netware.c>
+#
+# If you wish [PKI_INSTANCE_ID] to run as a different user or group, you must run
+# [PKI_INSTANCE_ID] as root initially and it will switch.  
+#
+# User/Group: The name (or #number) of the user/group to run [PKI_INSTANCE_ID] as.
+#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
+#  . On HPUX you may not be able to use shared memory as nobody, and the
+#    suggested workaround is to create a user www and use that user.
+#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
+#  when the value of (unsigned)Group is above 60000; 
+#  don't use Group #-1 on these systems!
+#
+User [PKI_USER]
+Group [PKI_GROUP]
+#Group #-1
+</IfModule>
+</IfModule>
+
+#
+# ServerAdmin: Your address, where problems with the server should be
+# e-mailed.  This address appears on some server-generated pages, such
+# as error documents.  e.g. admin@your-domain.com
+#
+ServerAdmin you@example.com
+
+#
+# ServerName gives the name and port that the server uses to identify itself.
+# This can often be determined automatically, but we recommend you specify
+# it explicitly to prevent problems during startup.
+#
+# If this is not set to valid DNS name for your host, server-generated
+# redirections will not work.  See also the UseCanonicalName directive.
+#
+# If your host doesn't have a registered DNS name, enter its IP address here.
+# You will have to access it by its address anyway, and this will make 
+# redirections work in a sensible way.
+#
+#ServerName www.example.com:80
+
+#
+# UseCanonicalName: Determines how Apache constructs self-referencing 
+# URLs and the SERVER_NAME and SERVER_PORT variables.
+# When set "Off", Apache will use the Hostname and Port supplied
+# by the client.  When set "On", Apache will use the value of the
+# ServerName directive.
+#
+UseCanonicalName Off
+
+#
+# DocumentRoot: The directory out of which you will serve your
+# documents. By default, all requests are taken from this directory, but
+# symbolic links and aliases may be used to point to other locations.
+#
+DocumentRoot "[SERVER_ROOT]/docroot"
+
+#
+# Each directory to which Apache has access can be configured with respect
+# to which services and features are allowed and/or disabled in that
+# directory (and its subdirectories). 
+#
+# First, we configure the "default" to be a very restrictive set of 
+# features.  
+#
+<Directory />
+    Options FollowSymLinks
+    AllowOverride None
+</Directory>
+
+#
+# Note that from this point forward you must specifically allow
+# particular features to be enabled - so if something's not working as
+# you might expect, make sure that you have specifically enabled it
+# below.
+#
+
+#
+# This should be changed to whatever you set DocumentRoot to.
+#
+<Directory "[SERVER_ROOT]/docroot">
+
+#
+# Possible values for the Options directive are "None", "All",
+# or any combination of:
+#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
+#
+# Note that "MultiViews" must be named *explicitly* --- "Options All"
+# doesn't give it to you.
+#
+# The Options directive is both complicated and important.  Please see
+# http://httpd.apache.org/docs-2.0/mod/core.html#options
+# for more information.
+#
+    Options Indexes ExecCGI FollowSymLinks
+
+#
+# AllowOverride controls what directives may be placed in .htaccess files.
+# It can be "All", "None", or any combination of the keywords:
+#   Options FileInfo AuthConfig Limit
+#
+    AllowOverride None
+
+#
+# Controls who can get stuff from this server.
+#
+    Order allow,deny
+    Allow from all
+
+</Directory>
+
+#
+# UserDir: The name of the directory that is appended onto a user's home
+# directory if a ~user request is received.
+#
+UserDir public_html
+
+#
+# Control access to UserDir directories.  The following is an example
+# for a site where these directories are restricted to read-only.
+#
+#<Directory /home/*/public_html>
+#    AllowOverride FileInfo AuthConfig Limit Indexes
+#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+#    <Limit GET POST OPTIONS PROPFIND>
+#        Order allow,deny
+#        Allow from all
+#    </Limit>
+#    <LimitExcept GET POST OPTIONS PROPFIND>
+#        Order deny,allow
+#        Deny from all
+#    </LimitExcept>
+#</Directory>
+
+#
+# DirectoryIndex: sets the file that Apache will serve if a directory
+# is requested.
+#
+# The index.html.var file (a type-map) is used to deliver content-
+# negotiated documents.  The MultiViews Option can be used for the 
+# same purpose, but it is much slower.
+#
+DirectoryIndex index.html index.html.var
+
+#
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives.  See also the AllowOverride 
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being 
+# viewed by Web clients. 
+#
+<Files ~ "^\.ht">
+    Order allow,deny
+    Deny from all
+</Files>
+
+#
+# TypesConfig describes where the mime.types file (or equivalent) is
+# to be found.
+#
+TypesConfig conf/mime.types
+
+#
+# DefaultType is the default MIME type the server will use for a document
+# if it cannot otherwise determine one, such as from filename extensions.
+# If your server contains mostly text or HTML documents, "text/plain" is
+# a good value.  If most of your content is binary, such as applications
+# or images, you may want to use "application/octet-stream" instead to
+# keep browsers from trying to display binary files as though they are
+# text.
+#
+DefaultType text/plain
+
+#
+# The mod_mime_magic module allows the server to use various hints from the
+# contents of the file itself to determine its type.  The MIMEMagicFile
+# directive tells the module where the hint definitions are located.
+#
+<IfModule mod_mime_magic.c>
+    MIMEMagicFile conf/magic
+</IfModule>
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+#
+# EnableMMAP: Control whether memory-mapping is used to deliver
+# files (assuming that the underlying OS supports it).
+# The default is on; turn this off if you serve from NFS-mounted 
+# filesystems.  On some systems, turning it off (regardless of
+# filesystem) can improve performance; for details, please see
+# http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
+#
+#EnableMMAP off
+
+#
+# EnableSendfile: Control whether the sendfile kernel support is 
+# used  to deliver files (assuming that the OS supports it).
+# The default is on; turn this off if you serve from NFS-mounted 
+# filesystems.  Please see
+# http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
+#
+#EnableSendfile off
+
+#
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here.  If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog logs/error_log
+
+#
+# LogLevel: Control the number of messages logged to the error_log.
+# Possible values include: debug, info, notice, warn, error, crit,
+# alert, emerg.
+#
+#LogLevel warn
+LogLevel debug
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive (see below).
+#
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+# You need to enable mod_logio.c to use %I and %O
+#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+
+#
+# The location and format of the access logfile (Common Logfile Format).
+# If you do not define any access logfiles within a <VirtualHost>
+# container, they will be logged here.  Contrariwise, if you *do*
+# define per-<VirtualHost> access logfiles, transactions will be
+# logged therein and *not* in this file.
+#
+CustomLog logs/access_log common
+
+#
+# If you would like to have agent and referer logfiles, uncomment the
+# following directives.
+#
+#CustomLog logs/referer_log referer
+#CustomLog logs/agent_log agent
+
+#
+# If you prefer a single logfile with access, agent, and referer information
+# (Combined Logfile Format) you can use the following directive.
+#
+#CustomLog logs/access_log combined
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#
+ServerTokens Prod
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory 
+# listings, mod_status and mod_info output etc., but not CGI generated 
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of:  On | Off | EMail
+#
+ServerSignature Off
+
+#
+# Aliases: Add here as many aliases as you need (with no limit). The format is 
+# Alias fakename realname
+#
+# Note that if you include a trailing / on fakename then the server will
+# require it to be present in the URL.  So "/icons" isn't aliased in this
+# example, only "/icons/".  If the fakename is slash-terminated, then the 
+# realname must also be slash terminated, and if the fakename omits the 
+# trailing slash, the realname must also omit it.
+#
+# We include the /icons/ alias for FancyIndexed directory listings.  If you
+# do not use FancyIndexing, you may comment this out.
+#
+Alias /icons/ "[SERVER_ROOT]/icons/"
+
+<Directory "[SERVER_ROOT]/icons">
+    Options Indexes MultiViews
+    AllowOverride None
+    Order allow,deny
+    Allow from all
+</Directory>
+
+#
+# This should be changed to the ServerRoot/manual/.  The alias provides
+# the manual, even if you choose to move your DocumentRoot.  You may comment
+# this out if you do not care for the documentation.
+#
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|ru))?(/.*)?$ "[SERVER_ROOT]/manual$1"
+
+<Directory "[SERVER_ROOT]/manual">
+    Options Indexes
+    AllowOverride None
+    Order allow,deny
+    Allow from all
+
+    <Files *.html>
+        SetHandler type-map
+    </Files>
+
+    SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|ru)/ prefer-language=$1
+    RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|ru)){2,}(/.*)?$ /manual/$1$2
+</Directory>
+
+#
+# ScriptAlias: This controls which directories contain server scripts.
+# ScriptAliases are essentially the same as Aliases, except that
+# documents in the realname directory are treated as applications and
+# run by the server when requested rather than as documents sent to the client.
+# The same rules about trailing "/" apply to ScriptAlias directives as to
+# Alias.
+#
+ScriptAlias /cgi-bin/ "[SERVER_ROOT]/cgi-bin/"
+
+<IfModule mod_cgid.c>
+#
+# Additional to mod_cgid.c settings, mod_cgid has Scriptsock <path>
+# for setting UNIX socket for communicating with cgid.
+#
+#Scriptsock            logs/cgisock
+</IfModule>
+
+#
+# "[SERVER_ROOT]/cgi-bin" should be changed to whatever your ScriptAliased
+# CGI directory exists, if you have that configured.
+#
+<Directory "[SERVER_ROOT]/cgi-bin">
+    AllowOverride None
+    Options ExecCGI
+    Order allow,deny
+    Allow from all
+</Directory>
+
+#
+# Redirect allows you to tell clients about documents which used to exist in
+# your server's namespace, but do not anymore. This allows you to tell the
+# clients where to look for the relocated document.
+# Example:
+# Redirect permanent /foo http://www.example.com/bar
+
+#
+# Directives controlling the display of server-generated directory listings.
+#
+
+#
+# IndexOptions: Controls the appearance of server-generated directory
+# listings.
+#
+IndexOptions FancyIndexing VersionSort
+
+#
+# AddIcon* directives tell the server which icon to show for different
+# files or filename extensions.  These are only displayed for
+# FancyIndexed directories.
+#
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+#
+# DefaultIcon is which icon to show for files which do not have an icon
+# explicitly set.
+#
+DefaultIcon /icons/unknown.gif
+
+#
+# AddDescription allows you to place a short description after a file in
+# server-generated indexes.  These are only displayed for FancyIndexed
+# directories.
+# Format: AddDescription "description" filename
+#
+#AddDescription "GZIP compressed document" .gz
+#AddDescription "tar archive" .tar
+#AddDescription "GZIP compressed tar archive" .tgz
+
+#
+# ReadmeName is the name of the README file the server will look for by
+# default, and append to directory listings.
+#
+# HeaderName is the name of a file which should be prepended to
+# directory indexes. 
+ReadmeName README.html
+HeaderName HEADER.html
+
+#
+# IndexIgnore is a set of filenames which directory indexing should ignore
+# and not include in the listing.  Shell-style wildcarding is permitted.
+#
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+
+#
+# DefaultLanguage and AddLanguage allows you to specify the language of 
+# a document. You can then use content negotiation to give a browser a 
+# file in a language the user can understand.
+#
+# Specify a default language. This means that all data
+# going out without a specific language tag (see below) will 
+# be marked with this one. You probably do NOT want to set
+# this unless you are sure it is correct for all cases.
+#
+# * It is generally better to not mark a page as 
+# * being a certain language than marking it with the wrong
+# * language!
+#
+# DefaultLanguage nl
+#
+# Note 1: The suffix does not have to be the same as the language
+# keyword --- those with documents in Polish (whose net-standard
+# language code is pl) may wish to use "AddLanguage pl .po" to
+# avoid the ambiguity with the common suffix for perl scripts.
+#
+# Note 2: The example entries below illustrate that in some cases 
+# the two character 'Language' abbreviation is not identical to 
+# the two character 'Country' code for its country,
+# E.g. 'Danmark/dk' versus 'Danish/da'.
+#
+# Note 3: In the case of 'ltz' we violate the RFC by using a three char
+# specifier. There is 'work in progress' to fix this and get
+# the reference data for rfc1766 cleaned up.
+#
+# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
+# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
+# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
+# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
+# Norwegian (no) - Polish (pl) - Portugese (pt)
+# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
+# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
+#
+AddLanguage ca .ca
+AddLanguage cs .cz .cs
+AddLanguage da .dk
+AddLanguage de .de
+AddLanguage el .el
+AddLanguage en .en
+AddLanguage eo .eo
+AddLanguage es .es
+AddLanguage et .et
+AddLanguage fr .fr
+AddLanguage he .he
+AddLanguage hr .hr
+AddLanguage it .it
+AddLanguage ja .ja
+AddLanguage ko .ko
+AddLanguage ltz .ltz
+AddLanguage nl .nl
+AddLanguage nn .nn
+AddLanguage no .no
+AddLanguage pl .po
+AddLanguage pt .pt
+AddLanguage pt-BR .pt-br
+AddLanguage ru .ru
+AddLanguage sv .sv
+AddLanguage zh-CN .zh-cn
+AddLanguage zh-TW .zh-tw
+
+#
+# LanguagePriority allows you to give precedence to some languages
+# in case of a tie during content negotiation.
+#
+# Just list the languages in decreasing order of preference. We have
+# more or less alphabetized them here. You probably want to change this.
+#
+LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
+
+#
+# ForceLanguagePriority allows you to serve a result page rather than
+# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
+# [in case no accepted languages matched the available variants]
+#
+ForceLanguagePriority Prefer Fallback
+
+#
+# Commonly used filename extensions to character sets. You probably
+# want to avoid clashes with the language extensions, unless you
+# are good at carefully testing your setup after each change.
+# See http://www.iana.org/assignments/character-sets for the
+# official list of charset names and their respective RFCs.
+#
+AddCharset ISO-8859-1  .iso8859-1  .latin1
+AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
+AddCharset ISO-8859-3  .iso8859-3  .latin3
+AddCharset ISO-8859-4  .iso8859-4  .latin4
+AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr .iso-ru
+AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
+AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
+AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
+AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
+AddCharset ISO-2022-JP .iso2022-jp .jis
+AddCharset ISO-2022-KR .iso2022-kr .kis
+AddCharset ISO-2022-CN .iso2022-cn .cis
+AddCharset Big5        .Big5       .big5
+# For russian, more than one charset is used (depends on client, mostly):
+AddCharset WINDOWS-1251 .cp-1251   .win-1251
+AddCharset CP866       .cp866
+AddCharset KOI8-r      .koi8-r .koi8-ru
+AddCharset KOI8-ru     .koi8-uk .ua
+AddCharset ISO-10646-UCS-2 .ucs2
+AddCharset ISO-10646-UCS-4 .ucs4
+AddCharset UTF-8       .utf8
+
+# The set below does not map to a specific (iso) standard
+# but works on a fairly wide range of browsers. Note that
+# capitalization actually matters (it should not, but it
+# does for some browsers).
+#
+# See http://www.iana.org/assignments/character-sets
+# for a list of sorts. But browsers support few.
+#
+AddCharset GB2312      .gb2312 .gb 
+AddCharset utf-7       .utf7
+AddCharset utf-8       .utf8
+AddCharset big5        .big5 .b5
+AddCharset EUC-TW      .euc-tw
+AddCharset EUC-JP      .euc-jp
+AddCharset EUC-KR      .euc-kr
+AddCharset shift_jis   .sjis
+
+#
+# AddType allows you to add to or override the MIME configuration
+# file mime.types for specific file types.
+#
+#AddType application/x-tar .tgz
+#
+# AddEncoding allows you to have certain browsers uncompress
+# information on the fly. Note: Not all browsers support this.
+# Despite the name similarity, the following Add* directives have nothing
+# to do with the FancyIndexing customization directives above.
+#
+#AddEncoding x-compress .Z
+#AddEncoding x-gzip .gz .tgz
+#
+# If the AddEncoding directives above are commented-out, then you
+# probably should define those extensions to indicate media types:
+#
+AddType application/x-compress .Z
+AddType application/x-gzip .gz .tgz
+
+#
+# AddHandler allows you to map certain file extensions to "handlers":
+# actions unrelated to filetype. These can be either built into the server
+# or added with the Action directive (see below)
+#
+# To use CGI scripts outside of ScriptAliased directories:
+# (You will also need to add "ExecCGI" to the "Options" directive.)
+#
+AddHandler cgi-script .cgi
+
+#
+# For files that include their own HTTP headers:
+#
+#AddHandler send-as-is asis
+
+#
+# For server-parsed imagemap files:
+#
+#AddHandler imap-file map
+
+#
+# For type maps (negotiated resources):
+# (This is enabled by default to allow the Apache "It Worked" page
+#  to be distributed in multiple languages.)
+#
+AddHandler type-map var
+
+#
+# Filters allow you to process content before it is sent to the client.
+#
+# To parse .shtml files for server-side includes (SSI):
+# (You will also need to add "Includes" to the "Options" directive.)
+#
+#AddType text/html .shtml
+#AddOutputFilter INCLUDES .shtml
+
+#
+# Action lets you define media types that will execute a script whenever
+# a matching file is called. This eliminates the need for repeated URL
+# pathnames for oft-used CGI file processors.
+# Format: Action media/type /cgi-script/location
+# Format: Action handler-name /cgi-script/location
+#
+
+#
+# Customizable error responses come in three flavors:
+# 1) plain text 2) local redirects 3) external redirects
+#
+# Some examples:
+#ErrorDocument 500 "The server made a boo boo."
+#ErrorDocument 404 /missing.html
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
+#ErrorDocument 402 http://www.example.com/subscription_info.html
+#
+
+#
+# Putting this all together, we can internationalize error responses.
+#
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections.  We use 
+# includes to substitute the appropriate text.
+#
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line:
+#
+#   Alias /error/include/ "/your/include/path/"
+#
+# which allows you to create your own set of files by starting with the
+# /export/apache/error/include/ files and copying them to /your/include/path/, 
+# even on a per-VirtualHost basis.  The default include files will display
+# your Apache version number and your ServerAdmin email address regardless
+# of the setting of ServerSignature.
+#
+# The internationalized error documents require mod_alias, mod_include
+# and mod_negotiation.  To activate them, uncomment the following 30 lines.
+
+#    Alias /error/ "/export/apache/error/"
+#
+#    <Directory "/export/apache/error">
+#        AllowOverride None
+#        Options IncludesNoExec
+#        AddOutputFilter Includes html
+#        AddHandler type-map var
+#        Order allow,deny
+#        Allow from all
+#        LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
+#        ForceLanguagePriority Prefer Fallback
+#    </Directory>
+#
+#    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+#    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+#    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+#    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+#    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+#    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+#    ErrorDocument 410 /error/HTTP_GONE.html.var
+#    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+#    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+#    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+#    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+#    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
+#    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+#    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+#    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+#    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+#    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+#[ErrorDocument_404]
+#[ErrorDocument_500]
+
+
+#
+# The following directives modify normal HTTP response behavior to
+# handle known problems with browser implementations.
+#
+BrowserMatch "Mozilla/2" nokeepalive
+BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+BrowserMatch "RealPlayer 4\.0" force-response-1.0
+BrowserMatch "Java/1\.0" force-response-1.0
+BrowserMatch "JDK/1\.0" force-response-1.0
+
+#
+# The following directive disables redirects on non-GET requests for
+# a directory that does not include the trailing slash.  This fixes a 
+# problem with Microsoft WebFolders which does not appropriately handle 
+# redirects for folders with DAV methods.
+# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
+#
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+BrowserMatch "^WebDrive" redirect-carefully
+BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
+BrowserMatch "^gnome-vfs" redirect-carefully
+
+#
+# Allow server status reports generated by mod_status,
+# with the URL of http://servername/server-status
+# Change the ".example.com" to match your domain to enable.
+#
+#<Location /server-status>
+#    SetHandler server-status
+#    Order deny,allow
+#    Deny from all
+#    Allow from .example.com
+#</Location>
+
+#
+# Allow remote server configuration reports, with the URL of
+#  http://servername/server-info (requires that mod_info.c be loaded).
+# Change the ".example.com" to match your domain to enable.
+#
+#<Location /server-info>
+#    SetHandler server-info
+#    Order deny,allow
+#    Deny from all
+#    Allow from .example.com
+#</Location>
+
+
+#
+# Bring in additional module-specific configurations
+#
+#<IfModule mod_ssl.c>
+#    Include conf/ssl.conf
+#</IfModule>
+Include [SERVER_ROOT]/conf/nss.conf
+
+TPSConfigPathFile [SERVER_ROOT]/conf/CS.cfg
+
+TokendbConfigPathFile [SERVER_ROOT]/conf/CS.cfg
+
+### Section 3: Virtual Hosts
+#
+# VirtualHost: If you want to maintain multiple domains/hostnames on your
+# machine you can setup VirtualHost containers for them. Most configurations
+# use only name-based virtual hosts so the server doesn't need to worry about
+# IP addresses. This is indicated by the asterisks in the directives below.
+#
+# Please see the documentation at 
+# <URL:http://httpd.apache.org/docs-2.0/vhosts/>
+# for further details before you try to setup virtual hosts.
+#
+# You may use the command line option '-S' to verify your virtual host
+# configuration.
+
+#
+# Use name-based virtual hosting.
+#
+#NameVirtualHost *:80
+
+#
+# VirtualHost example:
+# Almost any Apache directive may go into a VirtualHost container.
+# The first VirtualHost section is used for requests without a known
+# server name.
+#
+#<VirtualHost *:80>
+#    ServerAdmin webmaster@dummy-host.example.com
+#    DocumentRoot /www/docs/dummy-host.example.com
+#    ServerName dummy-host.example.com
+#    ErrorLog logs/dummy-host.example.com-error_log
+#    CustomLog logs/dummy-host.example.com-access_log common
+#</VirtualHost>
+
+#turn off TRACE by default
+TraceEnable Off
diff --git a/base/tps/apache/conf/magic b/base/tps/apache/conf/magic
new file mode 100644
index 000000000..0de73361f
--- /dev/null
+++ b/base/tps/apache/conf/magic
@@ -0,0 +1,382 @@
+# Magic data for mod_mime_magic Apache module (originally for file(1) command)
+# The module is described in /manual/mod/mod_mime_magic.html
+#
+# The format is 4-5 columns:
+#    Column #1: byte number to begin checking from, ">" indicates continuation
+#    Column #2: type of data to match
+#    Column #3: contents of data to match
+#    Column #4: MIME type of result
+#    Column #5: MIME encoding of result (optional)
+
+#------------------------------------------------------------------------------
+# Localstuff:  file(1) magic for locally observed files
+# Add any locally observed files here.
+
+#------------------------------------------------------------------------------
+# end local stuff
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Java
+
+0	short		0xcafe
+>2	short		0xbabe		application/java
+
+#------------------------------------------------------------------------------
+# audio:  file(1) magic for sound formats
+#
+# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
+#
+
+# Sun/NeXT audio data
+0	string		.snd
+>12	belong		1		audio/basic
+>12	belong		2		audio/basic
+>12	belong		3		audio/basic
+>12	belong		4		audio/basic
+>12	belong		5		audio/basic
+>12	belong		6		audio/basic
+>12	belong		7		audio/basic
+
+>12	belong		23		audio/x-adpcm
+
+# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
+# that uses little-endian encoding and has a different magic number
+# (0x0064732E in little-endian encoding).
+0	lelong		0x0064732E	
+>12	lelong		1		audio/x-dec-basic
+>12	lelong		2		audio/x-dec-basic
+>12	lelong		3		audio/x-dec-basic
+>12	lelong		4		audio/x-dec-basic
+>12	lelong		5		audio/x-dec-basic
+>12	lelong		6		audio/x-dec-basic
+>12	lelong		7		audio/x-dec-basic
+#                                       compressed (G.721 ADPCM)
+>12	lelong		23		audio/x-dec-adpcm
+
+# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
+#					AIFF audio data
+8	string		AIFF		audio/x-aiff	
+#					AIFF-C audio data
+8	string		AIFC		audio/x-aiff	
+#					IFF/8SVX audio data
+8	string		8SVX		audio/x-aiff	
+
+# Creative Labs AUDIO stuff
+#					Standard MIDI data
+0	string	MThd			audio/unknown	
+#>9 	byte	>0			(format %d)
+#>11	byte	>1			using %d channels
+#					Creative Music (CMF) data
+0	string	CTMF			audio/unknown	
+#					SoundBlaster instrument data
+0	string	SBI			audio/unknown	
+#					Creative Labs voice data
+0	string	Creative\ Voice\ File	audio/unknown	
+## is this next line right?  it came this way...
+#>19	byte	0x1A
+#>23	byte	>0			- version %d
+#>22	byte	>0			\b.%d
+
+# [GRR 950115:  is this also Creative Labs?  Guessing that first line
+#  should be string instead of unknown-endian long...]
+#0	long		0x4e54524b	MultiTrack sound data
+#0	string		NTRK		MultiTrack sound data
+#>4	long		x		- version %ld
+
+# Microsoft WAVE format (*.wav)
+# [GRR 950115:  probably all of the shorts and longs should be leshort/lelong]
+#					Microsoft RIFF
+0	string		RIFF		audio/unknown
+#					- WAVE format
+>8	string		WAVE		audio/x-wav
+# MPEG audio.
+0   beshort&0xfff0  0xfff0  audio/mpeg
+# C64 SID Music files, from Linus Walleij <triad@df.lth.se>
+0   string      PSID        audio/prs.sid
+
+#------------------------------------------------------------------------------
+# c-lang:  file(1) magic for C programs or various scripts
+#
+
+# XPM icons (Greg Roelofs, newt@uchicago.edu)
+# ideally should go into "images", but entries below would tag XPM as C source
+0	string		/*\ XPM		image/x-xbm	7bit
+
+# this first will upset you if you're a PL/1 shop... (are there any left?)
+# in which case rm it; ascmagic will catch real C programs
+#					C or REXX program text
+0	string		/*		text/plain
+#					C++ program text
+0	string		//		text/plain
+
+#------------------------------------------------------------------------------
+# compress:  file(1) magic for pure-compression formats (no archives)
+#
+# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
+#
+# Formats for various forms of compressed data
+# Formats for "compress" proper have been moved into "compress.c",
+# because it tries to uncompress it to figure out what's inside.
+
+# standard unix compress
+0	string		\037\235	application/octet-stream	x-compress
+
+# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
+0       string          \037\213        application/octet-stream	x-gzip
+
+# According to gzip.h, this is the correct byte order for packed data.
+0	string		\037\036	application/octet-stream
+#
+# This magic number is byte-order-independent.
+#
+0	short		017437		application/octet-stream
+
+# XXX - why *two* entries for "compacted data", one of which is
+# byte-order independent, and one of which is byte-order dependent?
+#
+# compacted data
+0	short		0x1fff		application/octet-stream
+0	string		\377\037	application/octet-stream
+# huf output
+0	short		0145405		application/octet-stream
+
+# Squeeze and Crunch...
+# These numbers were gleaned from the Unix versions of the programs to
+# handle these formats.  Note that I can only uncrunch, not crunch, and
+# I didn't have a crunched file handy, so the crunch number is untested.
+#				Keith Waclena <keith@cerberus.uchicago.edu>
+#0	leshort		0x76FF		squeezed data (CP/M, DOS)
+#0	leshort		0x76FE		crunched data (CP/M, DOS)
+
+# Freeze
+#0	string		\037\237	Frozen file 2.1
+#0	string		\037\236	Frozen file 1.0 (or gzip 0.5)
+
+# lzh?
+#0	string		\037\240	LZH compressed data
+
+#------------------------------------------------------------------------------
+# frame:  file(1) magic for FrameMaker files
+#
+# This stuff came on a FrameMaker demo tape, most of which is
+# copyright, but this file is "published" as witness the following:
+#
+0	string		\<MakerFile	application/x-frame
+0	string		\<MIFFile	application/x-frame
+0	string		\<MakerDictionary	application/x-frame
+0	string		\<MakerScreenFon	application/x-frame
+0	string		\<MML		application/x-frame
+0	string		\<Book		application/x-frame
+0	string		\<Maker		application/x-frame
+
+#------------------------------------------------------------------------------
+# html:  file(1) magic for HTML (HyperText Markup Language) docs
+#
+# from Daniel Quinlan <quinlan@yggdrasil.com>
+# and Anna Shergold <anna@inext.co.uk>
+#
+0   string      \<!DOCTYPE\ HTML    text/html
+0   string      \<!doctype\ html    text/html
+0   string      \<HEAD      text/html
+0   string      \<head      text/html
+0   string      \<TITLE     text/html
+0   string      \<title     text/html
+0   string      \<html      text/html
+0   string      \<HTML      text/html
+0   string      \<!--       text/html
+0   string      \<h1        text/html
+0   string      \<H1        text/html
+
+# XML eXtensible Markup Language, from Linus Walleij <triad@df.lth.se>
+0   string      \<?xml      text/xml
+
+#------------------------------------------------------------------------------
+# images:  file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
+#
+# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
+# additions by janl@ifi.uio.no as well as others. Jan also suggested
+# merging several one- and two-line files into here.
+#
+# XXX - byte order for GIF and TIFF fields?
+# [GRR:  TIFF allows both byte orders; GIF is probably little-endian]
+#
+
+# [GRR:  what the hell is this doing in here?]
+#0	string		xbtoa		btoa'd file
+
+# PBMPLUS
+#					PBM file
+0	string		P1		image/x-portable-bitmap	7bit
+#					PGM file
+0	string		P2		image/x-portable-greymap	7bit
+#					PPM file
+0	string		P3		image/x-portable-pixmap	7bit
+#					PBM "rawbits" file
+0	string		P4		image/x-portable-bitmap
+#					PGM "rawbits" file
+0	string		P5		image/x-portable-greymap
+#					PPM "rawbits" file
+0	string		P6		image/x-portable-pixmap
+
+# NIFF (Navy Interchange File Format, a modification of TIFF)
+# [GRR:  this *must* go before TIFF]
+0	string		IIN1		image/x-niff
+
+# TIFF and friends
+#					TIFF file, big-endian
+0	string		MM		image/tiff
+#					TIFF file, little-endian
+0	string		II		image/tiff
+
+# possible GIF replacements; none yet released!
+# (Greg Roelofs, newt@uchicago.edu)
+#
+# GRR 950115:  this was mine ("Zip GIF"):
+#					ZIF image (GIF+deflate alpha)
+0	string		GIF94z		image/unknown
+#
+# GRR 950115:  this is Jeremy Wohl's Free Graphics Format (better):
+#					FGF image (GIF+deflate beta)
+0	string		FGF95a		image/unknown
+#
+# GRR 950115:  this is Thomas Boutell's Portable Bitmap Format proposal
+# (best; not yet implemented):
+#					PBF image (deflate compression)
+0	string		PBF		image/unknown
+
+# GIF
+0	string		GIF		image/gif
+
+# JPEG images
+0	beshort		0xffd8		image/jpeg
+
+# PC bitmaps (OS/2, Windoze BMP files)  (Greg Roelofs, newt@uchicago.edu)
+0	string		BM		image/bmp
+#>14	byte		12		(OS/2 1.x format)
+#>14	byte		64		(OS/2 2.x format)
+#>14	byte		40		(Windows 3.x format)
+#0	string		IC		icon
+#0	string		PI		pointer
+#0	string		CI		color icon
+#0	string		CP		color pointer
+#0	string		BA		bitmap array
+
+
+#------------------------------------------------------------------------------
+# lisp:  file(1) magic for lisp programs
+#
+# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
+0	string	;;			text/plain	8bit
+# Emacs 18 - this is always correct, but not very magical.
+0	string	\012(			application/x-elc
+# Emacs 19
+0	string	;ELC\023\000\000\000	application/x-elc
+
+#------------------------------------------------------------------------------
+# mail.news:  file(1) magic for mail and news
+#
+# There are tests to ascmagic.c to cope with mail and news.
+0	string		Relay-Version: 	message/rfc822	7bit
+0	string		#!\ rnews	message/rfc822	7bit
+0	string		N#!\ rnews	message/rfc822	7bit
+0	string		Forward\ to 	message/rfc822	7bit
+0	string		Pipe\ to 	message/rfc822	7bit
+0	string		Return-Path:	message/rfc822	7bit
+0	string		Path:		message/news	8bit
+0	string		Xref:		message/news	8bit
+0	string		From:		message/rfc822	7bit
+0	string		Article 	message/news	8bit
+#------------------------------------------------------------------------------
+# msword: file(1) magic for MS Word files
+#
+# Contributor claims:
+# Reversed-engineered MS Word magic numbers
+#
+
+0	string		\376\067\0\043			application/msword
+0	string		\333\245-\0\0\0			application/msword
+
+# disable this one because it applies also to other
+# Office/OLE documents for which msword is not correct. See PR#2608.
+#0	string		\320\317\021\340\241\261	application/msword
+
+
+
+#------------------------------------------------------------------------------
+# printer:  file(1) magic for printer-formatted files
+#
+
+# PostScript
+0	string		%!		application/postscript
+0	string		\004%!		application/postscript
+
+# Acrobat
+# (due to clamen@cs.cmu.edu)
+0	string		%PDF-		application/pdf
+
+#------------------------------------------------------------------------------
+# sc:  file(1) magic for "sc" spreadsheet
+#
+38	string		Spreadsheet	application/x-sc
+
+#------------------------------------------------------------------------------
+# tex:  file(1) magic for TeX files
+#
+# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
+#
+# From <conklin@talisman.kaleida.com>
+
+# Although we may know the offset of certain text fields in TeX DVI
+# and font files, we can't use them reliably because they are not
+# zero terminated. [but we do anyway, christos]
+0	string		\367\002	application/x-dvi
+#0	string		\367\203	TeX generic font data
+#0	string		\367\131	TeX packed font data
+#0	string		\367\312	TeX virtual font data
+#0	string		This\ is\ TeX,	TeX transcript text	
+#0	string		This\ is\ METAFONT,	METAFONT transcript text
+
+# There is no way to detect TeX Font Metric (*.tfm) files without
+# breaking them apart and reading the data.  The following patterns
+# match most *.tfm files generated by METAFONT or afm2tfm.
+#2	string		\000\021	TeX font metric data
+#2	string		\000\022	TeX font metric data
+#>34	string		>\0		(%s)
+
+# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
+#0	string		\\input\ texinfo	Texinfo source text
+#0	string		This\ is\ Info\ file	GNU Info text
+
+# correct TeX magic for Linux (and maybe more)
+# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
+#
+0	leshort		0x02f7		application/x-dvi
+
+# RTF - Rich Text Format
+0	string		{\\rtf		application/rtf
+
+#------------------------------------------------------------------------------
+# animation:  file(1) magic for animation/movie formats
+#
+# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
+#						MPEG file
+0	string		\000\000\001\263	video/mpeg
+#
+# The contributor claims:
+#   I couldn't find a real magic number for these, however, this
+#   -appears- to work.  Note that it might catch other files, too,
+#   so BE CAREFUL!
+#
+# Note that title and author appear in the two 20-byte chunks
+# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
+# 255 (hex FF)! DL format SUCKS BIG ROCKS.
+#
+#						DL file version 1 , medium format (160x100, 4 images/screen)
+0	byte		1			video/unknown
+0	byte		2			video/unknown
+# Quicktime video, from Linus Walleij <triad@df.lth.se>
+# from Apple quicktime file format documentation.
+4   string      moov        video/quicktime
+4   string      mdat        video/quicktime
+
diff --git a/base/tps/apache/conf/mime.types b/base/tps/apache/conf/mime.types
new file mode 100644
index 000000000..3485692d1
--- /dev/null
+++ b/base/tps/apache/conf/mime.types
@@ -0,0 +1,592 @@
+# This is a comment. I love comments.
+
+# This file controls what Internet media types are sent to the client for
+# given file extension(s).  Sending the correct media type to the client
+# is important so they know how to handle the content of the file.
+# Extra types can either be added here or by using an AddType directive
+# in your config files. For more information about Internet media types,
+# please read RFC 2045, 2046, 2047, 2048, and 2077.  The Internet media type
+# registry is at <http://www.iana.org/assignments/media-types/>.
+
+# MIME type			Extensions
+application/activemessage
+application/andrew-inset	ez
+application/applefile
+application/atom+xml		atom
+application/atomicmail
+application/batch-smtp
+application/beep+xml
+application/cals-1840
+application/cnrp+xml
+application/commonground
+application/cpl+xml
+application/cybercash
+application/dca-rft
+application/dec-dx
+application/dvcs
+application/edi-consent
+application/edifact
+application/edi-x12
+application/eshop
+application/font-tdpfr
+application/http
+application/hyperstudio
+application/iges
+application/index
+application/index.cmd
+application/index.obj
+application/index.response
+application/index.vnd
+application/iotp
+application/ipp
+application/isup
+application/mac-binhex40	hqx
+application/mac-compactpro	cpt
+application/macwriteii
+application/marc
+application/mathematica
+application/mathml+xml		mathml
+application/msword		doc
+application/news-message-id
+application/news-transmission
+application/ocsp-request
+application/ocsp-response
+application/octet-stream	bin dms lha lzh exe class so dll dmg
+application/oda			oda
+application/ogg			ogg
+application/parityfec
+application/pdf			pdf
+application/pgp-encrypted
+application/pgp-keys
+application/pgp-signature
+application/pkcs10
+application/pkcs7-mime
+application/pkcs7-signature
+application/pkix-cert
+application/pkix-crl
+application/pkixcmp
+application/postscript		ai eps ps
+application/prs.alvestrand.titrax-sheet
+application/prs.cww
+application/prs.nprend
+application/prs.plucker
+application/qsig
+application/rdf+xml		rdf
+application/reginfo+xml
+application/remote-printing
+application/riscos
+application/rtf
+application/sdp
+application/set-payment
+application/set-payment-initiation
+application/set-registration
+application/set-registration-initiation
+application/sgml
+application/sgml-open-catalog
+application/sieve
+application/slate
+application/smil		smi smil
+application/srgs		gram
+application/srgs+xml		grxml
+application/timestamp-query
+application/timestamp-reply
+application/tve-trigger
+application/vemmi
+application/vnd.3gpp.pic-bw-large
+application/vnd.3gpp.pic-bw-small
+application/vnd.3gpp.pic-bw-var
+application/vnd.3gpp.sms
+application/vnd.3m.post-it-notes
+application/vnd.accpac.simply.aso
+application/vnd.accpac.simply.imp
+application/vnd.acucobol
+application/vnd.acucorp
+application/vnd.adobe.xfdf
+application/vnd.aether.imp
+application/vnd.amiga.ami
+application/vnd.anser-web-certificate-issue-initiation
+application/vnd.anser-web-funds-transfer-initiation
+application/vnd.audiograph
+application/vnd.blueice.multipass
+application/vnd.bmi
+application/vnd.businessobjects
+application/vnd.canon-cpdl
+application/vnd.canon-lips
+application/vnd.cinderella
+application/vnd.claymore
+application/vnd.commerce-battelle
+application/vnd.commonspace
+application/vnd.contact.cmsg
+application/vnd.cosmocaller
+application/vnd.criticaltools.wbs+xml
+application/vnd.ctc-posml
+application/vnd.cups-postscript
+application/vnd.cups-raster
+application/vnd.cups-raw
+application/vnd.curl
+application/vnd.cybank
+application/vnd.data-vision.rdz
+application/vnd.dna
+application/vnd.dpgraph
+application/vnd.dreamfactory
+application/vnd.dxr
+application/vnd.ecdis-update
+application/vnd.ecowin.chart
+application/vnd.ecowin.filerequest
+application/vnd.ecowin.fileupdate
+application/vnd.ecowin.series
+application/vnd.ecowin.seriesrequest
+application/vnd.ecowin.seriesupdate
+application/vnd.enliven
+application/vnd.epson.esf
+application/vnd.epson.msf
+application/vnd.epson.quickanime
+application/vnd.epson.salt
+application/vnd.epson.ssf
+application/vnd.ericsson.quickcall
+application/vnd.eudora.data
+application/vnd.fdf
+application/vnd.ffsns
+application/vnd.fints
+application/vnd.flographit
+application/vnd.framemaker
+application/vnd.fsc.weblaunch
+application/vnd.fujitsu.oasys
+application/vnd.fujitsu.oasys2
+application/vnd.fujitsu.oasys3
+application/vnd.fujitsu.oasysgp
+application/vnd.fujitsu.oasysprs
+application/vnd.fujixerox.ddd
+application/vnd.fujixerox.docuworks
+application/vnd.fujixerox.docuworks.binder
+application/vnd.fut-misnet
+application/vnd.grafeq
+application/vnd.groove-account
+application/vnd.groove-help
+application/vnd.groove-identity-message
+application/vnd.groove-injector
+application/vnd.groove-tool-message
+application/vnd.groove-tool-template
+application/vnd.groove-vcard
+application/vnd.hbci
+application/vnd.hhe.lesson-player
+application/vnd.hp-hpgl
+application/vnd.hp-hpid
+application/vnd.hp-hps
+application/vnd.hp-pcl
+application/vnd.hp-pclxl
+application/vnd.httphone
+application/vnd.hzn-3d-crossword
+application/vnd.ibm.afplinedata
+application/vnd.ibm.electronic-media
+application/vnd.ibm.minipay
+application/vnd.ibm.modcap
+application/vnd.ibm.rights-management
+application/vnd.ibm.secure-container
+application/vnd.informix-visionary
+application/vnd.intercon.formnet
+application/vnd.intertrust.digibox
+application/vnd.intertrust.nncp
+application/vnd.intu.qbo
+application/vnd.intu.qfx
+application/vnd.irepository.package+xml
+application/vnd.is-xpr
+application/vnd.japannet-directory-service
+application/vnd.japannet-jpnstore-wakeup
+application/vnd.japannet-payment-wakeup
+application/vnd.japannet-registration
+application/vnd.japannet-registration-wakeup
+application/vnd.japannet-setstore-wakeup
+application/vnd.japannet-verification
+application/vnd.japannet-verification-wakeup
+application/vnd.jisp
+application/vnd.kde.karbon
+application/vnd.kde.kchart
+application/vnd.kde.kformula
+application/vnd.kde.kivio
+application/vnd.kde.kontour
+application/vnd.kde.kpresenter
+application/vnd.kde.kspread
+application/vnd.kde.kword
+application/vnd.kenameaapp
+application/vnd.koan
+application/vnd.liberty-request+xml
+application/vnd.llamagraphics.life-balance.desktop
+application/vnd.llamagraphics.life-balance.exchange+xml
+application/vnd.lotus-1-2-3
+application/vnd.lotus-approach
+application/vnd.lotus-freelance
+application/vnd.lotus-notes
+application/vnd.lotus-organizer
+application/vnd.lotus-screencam
+application/vnd.lotus-wordpro
+application/vnd.mcd
+application/vnd.mediastation.cdkey
+application/vnd.meridian-slingshot
+application/vnd.micrografx.flo
+application/vnd.micrografx.igx
+application/vnd.mif		mif
+application/vnd.minisoft-hp3000-save
+application/vnd.mitsubishi.misty-guard.trustweb
+application/vnd.mobius.daf
+application/vnd.mobius.dis
+application/vnd.mobius.mbk
+application/vnd.mobius.mqy
+application/vnd.mobius.msl
+application/vnd.mobius.plc
+application/vnd.mobius.txf
+application/vnd.mophun.application
+application/vnd.mophun.certificate
+application/vnd.motorola.flexsuite
+application/vnd.motorola.flexsuite.adsi
+application/vnd.motorola.flexsuite.fis
+application/vnd.motorola.flexsuite.gotap
+application/vnd.motorola.flexsuite.kmr
+application/vnd.motorola.flexsuite.ttc
+application/vnd.motorola.flexsuite.wem
+application/vnd.mozilla.xul+xml	xul
+application/vnd.ms-artgalry
+application/vnd.ms-asf
+application/vnd.ms-excel	xls
+application/vnd.ms-lrm
+application/vnd.ms-powerpoint	ppt
+application/vnd.ms-project
+application/vnd.ms-tnef
+application/vnd.ms-works
+application/vnd.ms-wpl
+application/vnd.mseq
+application/vnd.msign
+application/vnd.music-niff
+application/vnd.musician
+application/vnd.netfpx
+application/vnd.noblenet-directory
+application/vnd.noblenet-sealer
+application/vnd.noblenet-web
+application/vnd.novadigm.edm
+application/vnd.novadigm.edx
+application/vnd.novadigm.ext
+application/vnd.obn
+application/vnd.osa.netdeploy
+application/vnd.palm
+application/vnd.pg.format
+application/vnd.pg.osasli
+application/vnd.powerbuilder6
+application/vnd.powerbuilder6-s
+application/vnd.powerbuilder7
+application/vnd.powerbuilder7-s
+application/vnd.powerbuilder75
+application/vnd.powerbuilder75-s
+application/vnd.previewsystems.box
+application/vnd.publishare-delta-tree
+application/vnd.pvi.ptid1
+application/vnd.pwg-multiplexed
+application/vnd.pwg-xhtml-print+xml
+application/vnd.quark.quarkxpress
+application/vnd.rapid
+application/vnd.s3sms
+application/vnd.sealed.net
+application/vnd.seemail
+application/vnd.shana.informed.formdata
+application/vnd.shana.informed.formtemplate
+application/vnd.shana.informed.interchange
+application/vnd.shana.informed.package
+application/vnd.smaf
+application/vnd.sss-cod
+application/vnd.sss-dtf
+application/vnd.sss-ntf
+application/vnd.street-stream
+application/vnd.svd
+application/vnd.swiftview-ics
+application/vnd.triscape.mxs
+application/vnd.trueapp
+application/vnd.truedoc
+application/vnd.ufdl
+application/vnd.uplanet.alert
+application/vnd.uplanet.alert-wbxml
+application/vnd.uplanet.bearer-choice
+application/vnd.uplanet.bearer-choice-wbxml
+application/vnd.uplanet.cacheop
+application/vnd.uplanet.cacheop-wbxml
+application/vnd.uplanet.channel
+application/vnd.uplanet.channel-wbxml
+application/vnd.uplanet.list
+application/vnd.uplanet.list-wbxml
+application/vnd.uplanet.listcmd
+application/vnd.uplanet.listcmd-wbxml
+application/vnd.uplanet.signal
+application/vnd.vcx
+application/vnd.vectorworks
+application/vnd.vidsoft.vidconference
+application/vnd.visio
+application/vnd.visionary
+application/vnd.vividence.scriptfile
+application/vnd.vsf
+application/vnd.wap.sic
+application/vnd.wap.slc
+application/vnd.wap.wbxml	wbxml
+application/vnd.wap.wmlc	wmlc
+application/vnd.wap.wmlscriptc	wmlsc
+application/vnd.webturbo
+application/vnd.wrq-hp3000-labelled
+application/vnd.wt.stf
+application/vnd.wv.csp+wbxml
+application/vnd.xara
+application/vnd.xfdl
+application/vnd.yamaha.hv-dic
+application/vnd.yamaha.hv-script
+application/vnd.yamaha.hv-voice
+application/vnd.yellowriver-custom-menu
+application/voicexml+xml	vxml
+application/watcherinfo+xml
+application/whoispp-query
+application/whoispp-response
+application/wita
+application/wordperfect5.1
+application/x-bcpio		bcpio
+application/x-cdlink		vcd
+application/x-chess-pgn		pgn
+application/x-compress
+application/x-cpio		cpio
+application/x-csh		csh
+application/x-director		dcr dir dxr
+application/x-dvi		dvi
+application/x-futuresplash	spl
+application/x-gtar		gtar
+application/x-gzip
+application/x-hdf		hdf
+application/x-javascript	js
+application/x-koan		skp skd skt skm
+application/x-latex		latex
+application/x-netcdf		nc cdf
+application/x-sh		sh
+application/x-shar		shar
+application/x-shockwave-flash	swf
+application/x-stuffit		sit
+application/x-sv4cpio		sv4cpio
+application/x-sv4crc		sv4crc
+application/x-tar		tar
+application/x-tcl		tcl
+application/x-tex		tex
+application/x-texinfo		texinfo texi
+application/x-troff		t tr roff
+application/x-troff-man		man
+application/x-troff-me		me
+application/x-troff-ms		ms
+application/x-ustar		ustar
+application/x-wais-source	src
+application/x400-bp
+application/xhtml+xml		xhtml xht
+application/xslt+xml		xslt
+application/xml			xml xsl
+application/xml-dtd		dtd
+application/xml-external-parsed-entity
+application/zip			zip
+audio/32kadpcm
+audio/amr
+audio/amr-wb
+audio/basic			au snd
+audio/cn
+audio/dat12
+audio/dsr-es201108
+audio/dvi4
+audio/evrc
+audio/evrc0
+audio/g722
+audio/g.722.1
+audio/g723
+audio/g726-16
+audio/g726-24
+audio/g726-32
+audio/g726-40
+audio/g728
+audio/g729
+audio/g729D
+audio/g729E
+audio/gsm
+audio/gsm-efr
+audio/l8
+audio/l16
+audio/l20
+audio/l24
+audio/lpc
+audio/midi			mid midi kar
+audio/mpa
+audio/mpa-robust
+audio/mp4a-latm
+audio/mpeg			mpga mp2 mp3
+audio/parityfec
+audio/pcma
+audio/pcmu
+audio/prs.sid
+audio/qcelp
+audio/red
+audio/smv
+audio/smv0
+audio/telephone-event
+audio/tone
+audio/vdvi
+audio/vnd.3gpp.iufp
+audio/vnd.cisco.nse
+audio/vnd.cns.anp1
+audio/vnd.cns.inf1
+audio/vnd.digital-winds
+audio/vnd.everad.plj
+audio/vnd.lucent.voice
+audio/vnd.nortel.vbk
+audio/vnd.nuera.ecelp4800
+audio/vnd.nuera.ecelp7470
+audio/vnd.nuera.ecelp9600
+audio/vnd.octel.sbc
+audio/vnd.qcelp
+audio/vnd.rhetorex.32kadpcm
+audio/vnd.vmx.cvsd
+audio/x-aiff			aif aiff aifc
+audio/x-alaw-basic
+audio/x-mpegurl			m3u
+audio/x-pn-realaudio		ram ra
+audio/x-pn-realaudio-plugin
+application/vnd.rn-realmedia	rm
+audio/x-wav			wav
+chemical/x-pdb			pdb
+chemical/x-xyz			xyz
+image/bmp			bmp
+image/cgm			cgm
+image/g3fax
+image/gif			gif
+image/ief			ief
+image/jpeg			jpeg jpg jpe
+image/naplps
+image/png			png
+image/prs.btif
+image/prs.pti
+image/svg+xml			svg
+image/t38
+image/tiff			tiff tif
+image/tiff-fx
+image/vnd.cns.inf2
+image/vnd.djvu			djvu djv
+image/vnd.dwg
+image/vnd.dxf
+image/vnd.fastbidsheet
+image/vnd.fpx
+image/vnd.fst
+image/vnd.fujixerox.edmics-mmr
+image/vnd.fujixerox.edmics-rlc
+image/vnd.globalgraphics.pgb
+image/vnd.mix
+image/vnd.ms-modi
+image/vnd.net-fpx
+image/vnd.svf
+image/vnd.wap.wbmp		wbmp
+image/vnd.xiff
+image/x-cmu-raster		ras
+image/x-icon			ico
+image/x-portable-anymap		pnm
+image/x-portable-bitmap		pbm
+image/x-portable-graymap	pgm
+image/x-portable-pixmap		ppm
+image/x-rgb			rgb
+image/x-xbitmap			xbm
+image/x-xpixmap			xpm
+image/x-xwindowdump		xwd
+message/delivery-status
+message/disposition-notification
+message/external-body
+message/http
+message/news
+message/partial
+message/rfc822
+message/s-http
+message/sip
+message/sipfrag
+model/iges			igs iges
+model/mesh			msh mesh silo
+model/vnd.dwf
+model/vnd.flatland.3dml
+model/vnd.gdl
+model/vnd.gs-gdl
+model/vnd.gtw
+model/vnd.mts
+model/vnd.parasolid.transmit.binary
+model/vnd.parasolid.transmit.text
+model/vnd.vtu
+model/vrml			wrl vrml
+multipart/alternative
+multipart/appledouble
+multipart/byteranges
+multipart/digest
+multipart/encrypted
+multipart/form-data
+multipart/header-set
+multipart/mixed
+multipart/parallel
+multipart/related
+multipart/report
+multipart/signed
+multipart/voice-message
+text/calendar			ics ifb
+text/css			css
+text/directory
+text/enriched
+text/html			html htm
+text/parityfec
+text/plain			asc txt
+text/prs.lines.tag
+text/rfc822-headers
+text/richtext			rtx
+text/rtf			rtf
+text/sgml			sgml sgm
+text/t140
+text/tab-separated-values	tsv
+text/uri-list
+text/vnd.abc
+text/vnd.curl
+text/vnd.dmclientscript
+text/vnd.fly
+text/vnd.fmi.flexstor
+text/vnd.in3d.3dml
+text/vnd.in3d.spot
+text/vnd.iptc.nitf
+text/vnd.iptc.newsml
+text/vnd.latex-z
+text/vnd.motorola.reflex
+text/vnd.ms-mediapackage
+text/vnd.net2phone.commcenter.command
+text/vnd.sun.j2me.app-descriptor
+text/vnd.wap.si
+text/vnd.wap.sl
+text/vnd.wap.wml		wml
+text/vnd.wap.wmlscript		wmls
+text/x-setext			etx
+text/xml
+text/xml-external-parsed-entity
+video/bmpeg
+video/bt656
+video/celb
+video/dv
+video/h261
+video/h263
+video/h263-1998
+video/h263-2000
+video/jpeg
+video/mp1s
+video/mp2p
+video/mp2t
+video/mp4v-es
+video/mpv
+video/mpeg			mpeg mpg mpe
+video/nv
+video/parityfec
+video/pointer
+video/quicktime			qt mov
+video/smpte292m
+video/vnd.fvt
+video/vnd.motorola.video
+video/vnd.motorola.videop
+video/vnd.mpegurl		mxu m4u
+video/vnd.nokia.interleaved-multimedia
+video/vnd.objectvideo
+video/vnd.vivo
+video/x-msvideo			avi
+video/x-sgi-movie		movie
+x-conference/x-cooltalk		ice
diff --git a/base/tps/apache/conf/nss.conf b/base/tps/apache/conf/nss.conf
new file mode 100644
index 000000000..314df040d
--- /dev/null
+++ b/base/tps/apache/conf/nss.conf
@@ -0,0 +1,280 @@
+#
+# This is the Apache server configuration file providing SSL support using.
+# the mod_nss plugin.  It contains the configuration directives to instruct
+# the server how to serve pages over an https connection.
+# 
+# Do NOT simply read the instructions in here without understanding
+# what they do.  They're here only as hints or reminders.  If you are unsure
+# consult the online docs. You have been warned.  
+#
+
+#
+# When we also provide SSL we have to listen to the 
+# standard HTTP port (see above) and to the HTTPS port
+#
+# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
+#       Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
+#
+Listen [SECURE_PORT]
+
+Listen [NON_CLIENTAUTH_SECURE_PORT]
+
+##
+##  SSL Global Context
+##
+##  All SSL configuration in this context applies both to
+##  the main server and all SSL-enabled virtual hosts.
+##
+
+#
+#   Some MIME-types for downloading Certificates and CRLs
+#
+AddType application/x-x509-ca-cert .crt
+AddType application/x-pkcs7-crl    .crl
+
+#   Pass Phrase Dialog:
+#   Configure the pass phrase gathering process.
+#   The filtering dialog program (`builtin' is a internal
+#   terminal dialog) has to provide the pass phrase on stdout.
+#NSSPassPhraseDialog  builtin
+NSSPassPhraseDialog  defer:[SERVER_ROOT]/conf/password.conf
+
+
+#   Pass Phrase Helper:
+#   This helper program stores the token password pins between
+#   restarts of Apache.
+NSSPassPhraseHelper /usr/share/pki/tps/scripts/nss_pcache
+
+#   Configure the SSL Session Cache. 
+#   SSLSessionCacheSize is the number of entries in the cache.
+#   SSLSessionCacheTimeout is the SSL2 session timeout (in seconds).
+#   SSL3SessionCacheTimeout is the SSL3/TLS session timeout (in seconds).
+NSSSessionCacheSize 10000
+NSSSessionCacheTimeout 100
+NSSSession3CacheTimeout 86400
+
+##
+## SSL Virtual Host Context
+##
+
+<VirtualHost _default_:[SECURE_PORT]>
+
+#   General setup for the virtual host
+#DocumentRoot "/htdocs"
+#ServerName [Server_Name]:[Secure_Port]
+#ServerAdmin you@example.com
+
+# Configure OCSP checking of client certs
+
+#NSSOCSP on
+#NSSOCSPDefaultResponder on
+
+# URL of the ocsp service
+#
+#   Example of the built in ocsp service of the  CS CA
+
+#NSSOCSPDefaultURL http://localhost:9180/ca/ocsp
+
+# Nickname of ocsp signing cert
+#
+#    Below is sufficient if using built in CS CA ocsp service
+#    If using outboard ocsp, make sure the cert listed below
+#    is imported into the local cert database.
+
+#NSSOCSPDefaultName caCert 
+
+
+# mod_ssl logs to separate log files, you can choose to do that if you'd like
+ErrorLog [SERVER_ROOT]/logs/error_log
+TransferLog [SERVER_ROOT]/logs/access_log
+
+#   SSL Engine Switch:
+#   Enable/Disable SSL for this virtual host.
+NSSEngine on
+
+#   FIPS Switch:
+#   Enable/Disable FIPS mode
+#   NSSFIPS on
+
+#   SSL Cipher Suite:
+#   List the ciphers that the client is permitted to negotiate.
+#   See the mod_nss documentation for a complete list.
+NSSCipherSuite -des,-desede3,-rc2,-rc2export,-rc4,-rc4export,+rsa_3des_sha,-rsa_des_56_sha,+rsa_des_sha,-rsa_null_md5,-rsa_null_sha,-rsa_rc2_40_md5,+rsa_rc4_128_md5,-rsa_rc4_128_sha,-rsa_rc4_40_md5,-rsa_rc4_56_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-fips_des_sha,+fips_3des_sha,-rsa_aes_128_sha,-rsa_aes_256_sha,+ecdhe_ecdsa_aes_256_sha
+#   SSL cipher suite in FIPS mode:
+#   NSSCipherSuite +rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha
+
+NSSProtocol SSLv3,TLSv1
+
+#   SSL Certificate Nickname:
+#   The nickname of the server certificate you are going to use.
+NSSNickname "Server-Cert cert-[PKI_INSTANCE_ID]"
+
+#   Server Certificate Database:
+#   The NSS security database directory that holds the certificates and
+#   keys. The database consists of 3 files: cert8.db, key3.db and secmod.db.
+#   Provide the directory that these files exist.
+NSSCertificateDatabase  [SERVER_ROOT]/alias
+
+#   Client Authentication (Type):
+#   Client certificate verification type.  Types are none, optional and
+#   require.
+NSSVerifyClient require
+
+#   Access Control:
+#   With SSLRequire you can do per-directory access control based
+#   on arbitrary complex boolean expressions containing server
+#   variable checks and other lookup directives.  The syntax is a
+#   mixture between C and Perl.  See the mod_nss documentation
+#   for more details.
+#<Location />
+#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
+#            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
+#            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
+#            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
+#            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
+#           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
+#</Location>
+
+#   SSL Engine Options:
+#   Set various options for the SSL engine.
+#   o FakeBasicAuth:
+#     Translate the client X.509 into a Basic Authorisation.  This means that
+#     the standard Auth/DBMAuth methods can be used for access control.  The
+#     user name is the `one line' version of the client's X.509 certificate.
+#     Note that no password is obtained from the user. Every entry in the user
+#     file needs this password: `xxj31ZMTZzkVA'.
+#   o ExportCertData:
+#     This exports two additional environment variables: SSL_CLIENT_CERT and
+#     SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
+#     server (always existing) and the client (only existing when client
+#     authentication is used). This can be used to import the certificates
+#     into CGI scripts.
+#   o StdEnvVars:
+#     This exports the standard SSL/TLS related `SSL_*' environment variables.
+#     Per default this exportation is switched off for performance reasons,
+#     because the extraction step is an expensive operation and is usually
+#     useless for serving static content. So one usually enables the
+#     exportation for CGI and SSI requests only.
+#   o StrictRequire:
+#     This denies access when "SSLRequireSSL" or "SSLRequire" applied even
+#     under a "Satisfy any" situation, i.e. when it applies access is denied
+#     and no other module can change it.
+#   o OptRenegotiate:
+#     This enables optimized SSL connection renegotiation handling when SSL
+#     directives are used in per-directory context. 
+#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
+<Files ~ "\.(cgi|shtml|phtml|php3?)$">
+    NSSOptions +StdEnvVars
+</Files>
+<Directory "/cgi-bin">
+    NSSOptions +StdEnvVars
+</Directory>
+
+#   Per-Server Logging:
+#   The home of a custom SSL log file. Use this when you want a
+#   compact non-error SSL logfile on a virtual host basis.
+#CustomLog [SERVER_ROOT]/logs/ssl_request_log \
+#          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+</VirtualHost>                                  
+
+<VirtualHost _default_:[NON_CLIENTAUTH_SECURE_PORT]>
+
+#   General setup for the virtual host
+#DocumentRoot "/htdocs"
+#ServerName [Server_Name]:[Non_Clientauth_Secure_Port]
+#ServerAdmin you@example.com
+
+# mod_ssl logs to separate log files, you can choose to do that if you'd like
+ErrorLog [SERVER_ROOT]/logs/error_log
+TransferLog [SERVER_ROOT]/logs/access_log
+
+#   SSL Engine Switch:
+#   Enable/Disable SSL for this virtual host.
+NSSEngine on
+
+#   FIPS Switch:
+#   Enable/Disable FIPS mode
+#   NSSFIPS on
+
+#   SSL Cipher Suite:
+#   List the ciphers that the client is permitted to negotiate.
+#   See the mod_nss documentation for a complete list.
+NSSCipherSuite -des,-desede3,-rc2,-rc2export,-rc4,-rc4export,+rsa_3des_sha,-rsa_des_56_sha,+rsa_des_sha,-rsa_null_md5,-rsa_null_sha,-rsa_rc2_40_md5,+rsa_rc4_128_md5,-rsa_rc4_128_sha,-rsa_rc4_40_md5,-rsa_rc4_56_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-fips_des_sha,+fips_3des_sha,-rsa_aes_128_sha,-rsa_aes_256_sha,+ecdhe_ecdsa_aes_256_sha
+#   SSL cipher suite in FIPS mode:
+#   NSSCipherSuite +rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha
+
+NSSProtocol SSLv3,TLSv1
+
+#   SSL Certificate Nickname:
+#   The nickname of the server certificate you are going to use.
+NSSNickname "Server-Cert cert-[PKI_INSTANCE_ID]"
+
+#   Server Certificate Database:
+#   The NSS security database directory that holds the certificates and
+#   keys. The database consists of 3 files: cert8.db, key3.db and secmod.db.
+#   Provide the directory that these files exist.
+NSSCertificateDatabase  [SERVER_ROOT]/alias
+
+#   Client Authentication (Type):
+#   Client certificate verification type.  Types are none, optional and
+#   require.
+NSSVerifyClient none
+
+#   Access Control:
+#   With SSLRequire you can do per-directory access control based
+#   on arbitrary complex boolean expressions containing server
+#   variable checks and other lookup directives.  The syntax is a
+#   mixture between C and Perl.  See the mod_nss documentation
+#   for more details.
+#<Location />
+#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
+#            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
+#            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
+#            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
+#            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
+#           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
+#</Location>
+
+#   SSL Engine Options:
+#   Set various options for the SSL engine.
+#   o FakeBasicAuth:
+#     Translate the client X.509 into a Basic Authorisation.  This means that
+#     the standard Auth/DBMAuth methods can be used for access control.  The
+#     user name is the `one line' version of the client's X.509 certificate.
+#     Note that no password is obtained from the user. Every entry in the user
+#     file needs this password: `xxj31ZMTZzkVA'.
+#   o ExportCertData:
+#     This exports two additional environment variables: SSL_CLIENT_CERT and
+#     SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
+#     server (always existing) and the client (only existing when client
+#     authentication is used). This can be used to import the certificates
+#     into CGI scripts.
+#   o StdEnvVars:
+#     This exports the standard SSL/TLS related `SSL_*' environment variables.
+#     Per default this exportation is switched off for performance reasons,
+#     because the extraction step is an expensive operation and is usually
+#     useless for serving static content. So one usually enables the
+#     exportation for CGI and SSI requests only.
+#   o StrictRequire:
+#     This denies access when "SSLRequireSSL" or "SSLRequire" applied even
+#     under a "Satisfy any" situation, i.e. when it applies access is denied
+#     and no other module can change it.
+#   o OptRenegotiate:
+#     This enables optimized SSL connection renegotiation handling when SSL
+#     directives are used in per-directory context. 
+#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
+<Files ~ "\.(cgi|shtml|phtml|php3?)$">
+    NSSOptions +StdEnvVars
+</Files>
+<Directory "/cgi-bin">
+    NSSOptions +StdEnvVars
+</Directory>
+
+#   Per-Server Logging:
+#   The home of a custom SSL log file. Use this when you want a
+#   compact non-error SSL logfile on a virtual host basis.
+#CustomLog [SERVER_ROOT]/logs/ssl_request_log \
+#          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+</VirtualHost>                                  
diff --git a/base/tps/apache/conf/perl.conf b/base/tps/apache/conf/perl.conf
new file mode 100644
index 000000000..feb51e860
--- /dev/null
+++ b/base/tps/apache/conf/perl.conf
@@ -0,0 +1,70 @@
+#
+# Mod_perl incorporates a Perl interpreter into the Apache web server,
+# so that the Apache web server can directly execute Perl code.
+# Mod_perl links the Perl runtime library into the Apache web server
+# and provides an object-oriented Perl interface for Apache's C
+# language API.  The end result is a quicker CGI script turnaround
+# process, since no external Perl interpreter has to be started.
+#
+
+LoadModule perl_module [FORTITUDE_LIB_DIR]/modules/mod_perl.so
+
+# Uncomment this line to globally enable warnings, which will be
+# written to the server's error log.  Warnings should be enabled
+# during the development process, but should be disabled on a
+# production server as they affect performance.
+#
+#PerlWarn On
+
+# Uncomment this line to enable taint checking globally.  When Perl is
+# running in taint mode various checks are performed to reduce the
+# risk of insecure data being passed to a subshell or being used to
+# modify the filesystem.  Unfortunatly many Perl modules are not
+# taint-safe, so you should exercise care before enabling it on a
+# production server.
+#
+#PerlTaintCheck On
+
+# This will allow execution of mod_perl to compile your scripts to
+# subroutines which it will execute directly, avoiding the costly
+# compile process for most requests.
+#
+#Alias /perl /var/www/perl
+#<Directory /var/www/perl>
+#    SetHandler perl-script
+#    PerlResponseHandler ModPerl::Registry
+#    PerlOptions +ParseHeaders
+#    Options +ExecCGI
+#</Directory>
+
+# This will allow remote server configuration reports, with the URL of
+#  http://servername/perl-status
+# Change the ".your-domain.com" to match your domain to enable.
+#
+#PerlModule Apache::compat
+#<Location /perl-status>
+#    SetHandler perl-script
+#    PerlResponseHandler Apache::Status
+#    Order deny,allow
+#    Deny from all
+#    Allow from .your-domain.com
+#</Location>
+
+PerlModule ModPerl::Registry
+PerlModule [FORTITUDE_APACHE]::compat
+PerlModule PKI::TPS::wizard
+PerlSetEnv PKI_DOCROOT [SERVER_ROOT]/docroot
+PerlSetEnv PKI_ROOT [SERVER_ROOT]
+<Location /tps/admin/console/config/wizard>
+   SetHandler perl-script
+   PerlHandler PKI::TPS::Wizard
+   Order deny,allow
+   Allow from all
+</Location>
+
+<Location /tps/admin/console/config/login>
+   SetHandler perl-script
+   PerlHandler PKI::TPS::Login
+   Order deny,allow
+   Allow from all
+</Location>
diff --git a/base/tps/apache/pki_instance_command_wrapper b/base/tps/apache/pki_instance_command_wrapper
new file mode 100644
index 000000000..913b37e4a
--- /dev/null
+++ b/base/tps/apache/pki_instance_command_wrapper
@@ -0,0 +1,192 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation;
+# version 2.1 of the License.
+# 
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+# 
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA  02110-1301  USA 
+# 
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+# Check to insure that this script's original invocation directory
+# has not been deleted!
+CWD=`/bin/pwd > /dev/null 2>&1`
+if [ $? -ne 0 ] ; then
+	echo "Cannot invoke '$0' from non-existent directory!"
+	exit 255
+fi
+
+
+###############################################################################
+##  (1) Specify variables used by this script.                               ##
+###############################################################################
+
+PRODUCT=[PKI_PRODUCT]
+SUBSYSTEM=[PKI_SUBSYSTEM]
+INSTANCE=[PKI_INSTANCE]
+COMMAND=[PKI_COMMAND]
+
+
+###############################################################################
+##  (2) Define helper functions.                                             ##
+###############################################################################
+
+invalid_operating_system() {
+   	echo
+   	echo "ERROR:  '$0' does not execute on the '$1' operating system!"
+   	echo
+}
+
+invalid_architecture() {
+   	echo
+   	echo "ERROR:  '$0' does not execute on the '$1' architecture!"
+   	echo
+}
+
+
+###############################################################################
+##  (3) Set environment variables.                                           ##
+##                                                                           ##
+##      Set the LD_LIBRARY_PATH environment variable to determine the        ##
+##      search order this command wrapper uses to find shared libraries.     ##
+##                                                                           ##
+##      Set the PATH environment variable to determine the search            ##
+##      order this command wrapper uses to find binary executables.          ##
+##                                                                           ##
+##      NOTE:  Since the wrappers themselves are ALWAYS located in           ##
+##             "/usr/bin" on 32-bit and 64-bit Linux as well as both         ##
+##             32-bit Solaris and 64-bit Solaris, this directory             ##
+##             will always be excluded from the search path.                 ##
+##                                                                           ##
+##             Additionally, since "/bin" is nothing more than a symbolic    ##
+##             link to "/usr/bin" on Solaris, this directory will also       ##
+##             always be excluded from the search path on this platform.     ##
+##                                                                           ##
+###############################################################################
+
+OS=`uname -s`
+ARCHITECTURE=""
+
+if [ "${OS}" = "Linux" ] ; then
+	ARCHITECTURE=`uname -i`
+	if [ "${ARCHITECTURE}" = "i386" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/var/lib/${INSTANCE}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/lib/${PRODUCT}:/bin
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		PATH=/var/lib/${INSTANCE}:${PATH}
+		export PATH
+	elif [ "${ARCHITECTURE}" = "x86_64" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/var/lib/${INSTANCE}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/java:/usr/lib64:/lib64:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/lib/${PRODUCT}
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		PATH=/var/lib/${INSTANCE}:${PATH}
+		PATH=/usr/lib64/${PRODUCT}:/bin:${PATH}
+		PATH=/usr/lib64/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		export PATH
+	else
+		invalid_architecture "${ARCHITECTURE}"
+		exit 255
+	fi
+elif [ "${OS}" = "SunOS" ] ; then
+	ARCHITECTURE=`uname -p`
+	if	[ "${ARCHITECTURE}" = "sparc" ] &&
+		[ -d "/usr/lib/sparcv9/" ] ; then
+		ARCHITECTURE="sparcv9"
+	fi
+	if [ "${ARCHITECTURE}" = "sparc" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/var/lib/${INSTANCE}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/lib/${PRODUCT}
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		PATH=/var/lib/${INSTANCE}:${PATH}
+		export PATH
+	elif [ "${ARCHITECTURE}" = "sparcv9" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/var/lib/${INSTANCE}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9:/lib/sparcv9:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/java:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/bin/sparcv9
+		PATH=/usr/lib/${PRODUCT}:${PATH}
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		PATH=/var/lib/${INSTANCE}:${PATH}
+		PATH=/usr/lib/sparcv9/${PRODUCT}:${PATH}
+		PATH=/usr/lib/sparcv9/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		export PATH
+	else
+		invalid_architecture "${ARCHITECTURE}"
+		exit 255
+	fi
+else
+	invalid_operating_system "${OS}"
+	exit 255
+fi
+
+
+###############################################################################
+##  (4) Execute the binary executable specified by this command wrapper      ##
+##      based upon the preset LD_LIBRARY_PATH and PATH environment variables.##
+###############################################################################
+
+ORIGINAL_IFS=${IFS}
+IFS=:
+
+for dir in ${PATH}
+do
+	if [ -x ${dir}/${COMMAND} ]
+	then
+		IFS=${ORIGINAL_IFS}
+		${dir}/${COMMAND} "$@"
+		exit $?
+	fi
+done
+
+echo "Unable to find \"${COMMAND}\" in \"${PATH}\"!"
+
+exit 255
+
diff --git a/base/tps/apache/pki_subsystem_command_wrapper b/base/tps/apache/pki_subsystem_command_wrapper
new file mode 100644
index 000000000..19cbf9dd9
--- /dev/null
+++ b/base/tps/apache/pki_subsystem_command_wrapper
@@ -0,0 +1,182 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation;
+# version 2.1 of the License.
+# 
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+# 
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA  02110-1301  USA 
+# 
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+# Check to insure that this script's original invocation directory
+# has not been deleted!
+CWD=`/bin/pwd > /dev/null 2>&1`
+if [ $? -ne 0 ] ; then
+	echo "Cannot invoke '$0' from non-existent directory!"
+	exit 255
+fi
+ 
+
+###############################################################################
+##  (1) Specify variables used by this script.                               ##
+###############################################################################
+
+PRODUCT=[PKI_PRODUCT]
+SUBSYSTEM=[PKI_SUBSYSTEM]
+COMMAND=[PKI_COMMAND]
+
+
+###############################################################################
+##  (2) Define helper functions.                                             ##
+###############################################################################
+
+invalid_operating_system() {
+   	echo
+   	echo "ERROR:  '$0' does not execute on the '$1' operating system!"
+   	echo
+}
+
+invalid_architecture() {
+   	echo
+   	echo "ERROR:  '$0' does not execute on the '$1' architecture!"
+   	echo
+}
+
+
+###############################################################################
+##  (3) Set environment variables.                                           ##
+##                                                                           ##
+##      Set the LD_LIBRARY_PATH environment variable to determine the        ##
+##      search order this command wrapper uses to find shared libraries.     ##
+##                                                                           ##
+##      Set the PATH environment variable to determine the search            ##
+##      order this command wrapper uses to find binary executables.          ##
+##                                                                           ##
+##      NOTE:  Since the wrappers themselves are ALWAYS located in           ##
+##             "/usr/bin" on 32-bit and 64-bit Linux as well as both         ##
+##             32-bit Solaris and 64-bit Solaris, this directory             ##
+##             will always be excluded from the search path.                 ##
+##                                                                           ##
+##             Additionally, since "/bin" is nothing more than a symbolic    ##
+##             link to "/usr/bin" on Solaris, this directory will also       ##
+##             always be excluded from the search path on this platform.     ##
+##                                                                           ##
+###############################################################################
+
+OS=`uname -s`
+ARCHITECTURE=""
+
+if [ "${OS}" = "Linux" ] ; then
+	ARCHITECTURE=`uname -i`
+	if [ "${ARCHITECTURE}" = "i386" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/lib/${PRODUCT}:/bin
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		export PATH
+	elif [ "${ARCHITECTURE}" = "x86_64" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/java:/usr/lib64:/lib64:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib64/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/lib/${PRODUCT}
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		PATH=/usr/lib64/${PRODUCT}:/bin:${PATH}
+		PATH=/usr/lib64/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		export PATH
+	else
+		invalid_architecture "${ARCHITECTURE}"
+		exit 255
+	fi
+elif [ "${OS}" = "SunOS" ] ; then
+	ARCHITECTURE=`uname -p`
+	if	[ "${ARCHITECTURE}" = "sparc" ] &&
+		[ -d "/usr/lib/sparcv9/" ] ; then
+		ARCHITECTURE="sparcv9"
+	fi
+	if [ "${ARCHITECTURE}" = "sparc" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/lib/${PRODUCT}
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		export PATH
+	elif [ "${ARCHITECTURE}" = "sparcv9" ] ; then
+		LD_LIBRARY_PATH=/usr/lib/java:/usr/lib:/lib
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/java/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9:/lib/sparcv9:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/java:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/${PRODUCT}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/${PRODUCT}/${SUBSYSTEM}:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/dirsec:${LD_LIBRARY_PATH}
+		LD_LIBRARY_PATH=/usr/lib/sparcv9/java/dirsec:${LD_LIBRARY_PATH}
+		export LD_LIBRARY_PATH
+
+		PATH=/usr/lib/${PRODUCT}
+		PATH=/usr/lib/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		PATH=/usr/lib/sparcv9/${PRODUCT}:${PATH}
+		PATH=/usr/lib/sparcv9/${PRODUCT}/${SUBSYSTEM}:${PATH}
+		export PATH
+	else
+		invalid_architecture "${ARCHITECTURE}"
+		exit 255
+	fi
+else
+	invalid_operating_system "${OS}"
+	exit 255
+fi
+
+
+###############################################################################
+##  (4) Execute the binary executable specified by this command wrapper      ##
+##      based upon the preset LD_LIBRARY_PATH and PATH environment variables.##
+###############################################################################
+
+ORIGINAL_IFS=${IFS}
+IFS=:
+
+for dir in ${PATH}
+do
+	if [ -x ${dir}/${COMMAND} ]
+	then
+		IFS=${ORIGINAL_IFS}
+		${dir}/${COMMAND} "$@"
+		exit $?
+	fi
+done
+
+echo "Unable to find \"${COMMAND}\" in \"${PATH}\"!"
+
+exit 255
+
diff --git a/base/tps/apache/readme.html b/base/tps/apache/readme.html
new file mode 100644
index 000000000..3b741e6ae
--- /dev/null
+++ b/base/tps/apache/readme.html
@@ -0,0 +1,1222 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation;
+     version 2.1 of the License.
+     
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+     
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor,
+     Boston, MA  02110-1301  USA 
+     
+     Copyright (C) 2007 Red Hat, Inc.
+     All rights reserved.
+     --- END COPYRIGHT BLOCK --- -->
+<html>
+<body>
+<h1>
+<center><b>
+How to Setup and Configure "mod_tps" and "mod_tokendb" on Apache
+</b></center>
+<hr>
+<h2>Overview</h2>
+<ul>
+<p>This document describes how to install and configure the "mod_tps" and
+"mod_tokendb" modules required by CoolKey.
+</ul>
+<h2>Dependencies</h2>
+<ul>
+<p>"mod_tps" is dependent upon the following components:
+<ul>
+<li>Fedora Certificate System (FCS) 1.0.0 Certificate Authority (CA)
+<li>FCS 1.0.0 Token Key Service (TKS)
+<li>FCS 1.0.0 Data Recovery Manager (DRM) [optional]
+<li>FCS 1.0.0 Token Processing System (TPS)
+<li>Fedora Directory Server (FDS) 1.0 (TPS internaldb instance)
+<li>Apache 2.0.52
+<li>"mod_nss" module installed and available from this Apache 2.0.52 (Fortitude)
+</ul>
+<p>"mod_tokendb" is dependent upon the following components:
+<ul>
+<li>FCS 1.0.0 TPS
+<li>FDS 1.0 TPS internaldb instance
+<li>Apache 2.0.52
+<li>"mod_nss" module installed and available from this Apache 2.0.52 (Fortitude)
+<li>"mod_tps" module installed and available from this Apache 2.0.52 (Fortitude)
+</ul>
+</ul>
+<h2>Supported Platforms</h2>
+<ul>
+<li>Fedora Core 6 (32-bit),
+<li>Fedora Core 6 (64-bit), and
+<li>Solaris 9 (64-bit)
+</ul>
+<h2>Installing and Configuring "mod_tps" and "mod_tokendb"</h2>
+<ol>
+<li>Insure that a pre-installed version 1.0.0 of the FCS common subsystems area
+exists on the desired machine running on the desired platform<br>
+(e. g. - &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;)
+<li>Insure that a pre-installed version 1.0.0 of the FCS CA exists on the
+desired machine running on the desired platform<br>
+(e. g. - &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_ca_subsystems&gt; and &lt;pki_server_root&gt;/&lt;ca_instance&gt;)
+<li>Insure that a pre-installed version 1.0.0 of the FCS TKS exists on the
+desired machine running on the desired platform<br>
+(e. g. - &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tks_subsystems&gt; and &lt;pki_server_root&gt;/&lt;tks_instance&gt;)
+<li>Optionally, insure that a pre-installed version 1.0.0 of the FCS DRM exists
+on the desired machine running on the desired platform<br>
+(e. g. - &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_drm_subsystems&gt; and &lt;pki_server_root&gt;/&lt;drm_instance&gt;)
+<li>Insure that a pre-installed version 1.0 of the FDS exists on the desired
+machine running on the desired platform.<br>
+This is needed to create a TPS internaldb instance<br>
+(e. g. - &lt;rhds_server_root&gt;/&lt;tps_internaldb&gt;)
+<li>Insure that a pre-installed threaded version 2.0.52 of the Apache server
+exists on the desired machine running on the desired platform<br>
+(e. g. - &lt;apache_server_root&gt;)
+<li>Insure that this Apache server has "mod_nss" (Fortitude) installed and
+available from its &lt;apache_server_root&gt;
+<li>Download and unpack the entire contents of the TPS package into the
+&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;, the
+&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;, and the
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;
+<li>Change directory to &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/bin
+<li>Execute &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/bin/setup_tps:
+<ol type="a">
+<li>Creates a wrapper script called
+&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/bin/tpsclient for
+&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/bin/tpsclient
+<li>Creates an empty
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/bin directory
+(instance-specific binaries)
+<li>Creates an empty
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/cgi-bin directory
+(user customization)
+<li>Creates an empty
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/docroot directory
+(user customization)
+<li>Creates an empty
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/lib directory
+(instance-specific libraries)
+<li>Creates an empty
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/logs directory
+(instance-specific logs)
+<li>Sets up the CA connector in
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/config/CS.cfg
+<li>Optionally, sets up the DRM connector in
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/config/CS.cfg
+<li>Creates a cert8.db in
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/config/cert8.db
+<li>Creates a key3.db in
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/config/key3.db
+<li>Populates the cert8.db and key3.db security databases located in the
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/config directory with the
+ServerCert
+<li>Populates the TPS internaldb located in the
+&lt;rhds_server_root&gt;/&lt;tps_internaldb&gt; directory by executing the
+LDIF scripts located in the
+&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/setup directory
+<li>Generates the
+&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/config/httpd.conf
+Apache Configuration file:
+<pre>
+#
+# Dynamic Shared Object (DSO) Support
+#
+# To be able to use the functionality of a module which was built as a DSO you
+# have to place corresponding `LoadModule' lines at this location so the
+# directives contained in it are actually available _before_ they are used.
+# Statically compiled modules (those listed by `httpd -l') do not need
+# to be loaded here.
+#
+# Example:
+# LoadModule foo_module modules/mod_foo.so
+#
+LoadModule nss_module         &lt;apache_server_root&gt;/modules/libmodnss.so
+
+#
+# Bring in additional module-specific configurations
+#
+Include &lt;apache_server_root&gt;/conf/nss.conf
+Include &lt;pki_server_root&gt;/&lt;tps_instance&gt;/config/tps.conf
+</pre>
+<li>Generates the
+&lt;pki_server_root&gt;/&lt;tps_instance&gt;/config/tps.conf
+Apache TPS Module Configuration file:
+<pre>
+#
+# Dynamic Shared Object (DSO) Support
+#
+# To be able to use the functionality of a module which was built as a DSO you
+# have to place corresponding `LoadModule' lines at this location so the
+# directives contained in it are actually available _before_ they are used.
+# Statically compiled modules (those listed by `httpd -l') do not need
+# to be loaded here.
+#
+# Example:
+# LoadModule foo_module modules/mod_foo.so
+#
+LoadModule tps_module         &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/mod_tps.so
+LoadModule tokendb_module     &lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/mod_tokendb.so
+
+&lt;Location /nk_service&gt;
+    SetHandler nk_service
+&lt;/Location&gt;
+                                                                                
+&lt;Location /tus&gt;
+    SetHandler tus
+&lt;/Location&gt;
+
+#
+# DocumentRoot: The directory out of which you will serve your
+# documents. By default, all requests are taken from this directory, but
+# symbolic links and aliases may be used to point to other locations.
+#
+DocumentRoot "&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot"
+
+#
+# ScriptAlias: This controls which directories contain server scripts.
+# ScriptAliases are essentially the same as Aliases, except that
+# documents in the realname directory are treated as applications and
+# run by the server when requested rather than as documents sent to the client.
+# The same rules about trailing "/" apply to ScriptAlias directives as to
+# Alias.
+#
+ScriptAlias /cgi-bin/ "&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/"
+
+#
+# Bring in additional module-specific configurations
+#
+TPSConfigPathFile &lt;pki_server_root&gt;/&lt;tps_instance&gt;/config/CS.cfg
+</ol>
+<li>Assume "root" privilege
+<li>Execute &lt;apache_server_root&gt;/bin/apachectl -f 
+&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/config/httpd.conf
+start
+</ol>
+
+<h2>Inventory of cs-tps-{version} Package</h2>
+<ul>
+<table border=1>
+<tr>
+<th>Packaged File</th>
+<th>Unpackaged File</th>
+</tr>
+<tr>
+<td>applets/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/applets/</td>
+</tr>
+<tr>
+<td>applets/1.3.427BDDB8.ijc</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/applets/1.3.427BDDB8.ijc</td>
+</tr>
+<tr>
+<td>bin/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/bin/</td>
+</tr>
+<tr>
+<td>bin/setup_tps</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/bin/setup_tps</td>
+</tr>
+<tr>
+<td>bin/setup_tps</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/bin/uninstall_tps</td>
+</tr>
+<tr>
+<td>bin/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/bin/</td>
+</tr>
+<tr>
+<td>bin/tpsclient</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/bin/tpsclient</td>
+</tr>
+<tr>
+<td>cgi-bin/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/</td>
+</tr>
+<tr>
+<td>cgi-bin/AdminEsc.html</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/AdminEsc.html</td>
+</tr>
+<tr>
+<td>cgi-bin/AdvancePopup.html</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/AdvancePopup.html</td>
+</tr>
+<tr>
+<td>cgi-bin/EnrollPopup.html</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/EnrollPopup.html</td>
+</tr>
+<tr>
+<td>cgi-bin/SettingsEsc.html</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/SettingsEsc.html</td>
+</tr>
+<tr>
+<td>cgi-bin/TokenManager.html</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/TokenManager.html</td>
+</tr>
+<tr>
+<td>cgi-bin/TokenPin.html</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/TokenPin.html</td>
+</tr>
+<tr>
+<td>cgi-bin/esc.cgi</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/esc.cgi</td>
+</tr>
+<tr>
+<td>cgi-bin/style.css</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/cgi-bin/style.css</td>
+</tr>
+<tr>
+<td>config/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/config/</td>
+</tr>
+<tr>
+<td>config/CS.cfg</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/config/CS.cfg</td>
+</tr>
+<tr>
+<td>config/enroll.test</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/config/enroll.test</td>
+</tr>
+<tr>
+<td>config/format.test</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/config/format.test</td>
+</tr>
+<tr>
+<td>config/reset_pin.test</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/config/reset_pin.test</td>
+</tr>
+<tr>
+<td>docroot/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/</td>
+</tr>
+<tr>
+<td>docroot/GenericAuth.html</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/GenericAuth.html</td>
+</tr>
+<tr>
+<td>docroot/images/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/</td>
+</tr>
+<tr>
+<td>docroot/images/BannerBackground.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/BannerBackground.gif</td>
+</tr>
+<tr>
+<td>docroot/images/BindSettingsPrototype.jpg</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/BindSettingsPrototype.jpg</td>
+</tr>
+<tr>
+<td>docroot/images/CancelButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/CancelButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/CloseButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/CloseButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/ContinueButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/ContinueButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/HelpButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/HelpButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/NetKey-Small.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/NetKey-Small.gif</td>
+</tr>
+<tr>
+<td>docroot/images/NetKeyInsert.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/NetKeyInsert.gif</td>
+</tr>
+<tr>
+<td>docroot/images/NetKeyLogo.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/NetKeyLogo.gif</td>
+</tr>
+<tr>
+<td>docroot/images/NetKeyPair.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/NetKeyPair.gif</td>
+</tr>
+<tr>
+<td>docroot/images/NetKeyProgress.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/NetKeyProgress.gif</td>
+</tr>
+<tr>
+<td>docroot/images/NetKeyQuestionMark.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/NetKeyQuestionMark.gif</td>
+</tr>
+<tr>
+<td>docroot/images/OKButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/OKButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/PadLock.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/PadLock.gif</td>
+</tr>
+<tr>
+<td>docroot/images/PurchaseButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/PurchaseButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/ReactivateButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/ReactivateButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/ReleaseButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/ReleaseButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/SecureButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/SecureButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/SuspendButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/SuspendButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/TryAgainButton.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/TryAgainButton.gif</td>
+</tr>
+<tr>
+<td>docroot/images/bg.jpg</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/bg.jpg</td>
+</tr>
+<tr>
+<td>docroot/images/logo.gif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/images/logo.gif</td>
+</tr>
+<tr>
+<td>docroot/style.css</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/style.css</td>
+</tr>
+<tr>
+<td>docroot/tus/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/</td>
+</tr>
+<tr>
+<td>docroot/tus/addResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/addResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/delete.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/delete.template</td>
+</tr>
+<tr>
+<td>docroot/tus/deleteResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/deleteResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/doToken.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/doToken.template</td>
+</tr>
+<tr>
+<td>docroot/tus/doTokenConfirm.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/doTokenConfirm.template</td>
+</tr>
+<tr>
+<td>docroot/tus/edit.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/edit.template</td>
+</tr>
+<tr>
+<td>docroot/tus/editAdmin.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/editAdmin.template</td>
+</tr>
+<tr>
+<td>docroot/tus/editAdminResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/editAdminResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/editResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/editResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/error.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/error.template</td>
+</tr>
+<tr>
+<td>docroot/tus/index.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/index.template</td>
+</tr>
+<tr>
+<td>docroot/tus/indexAdmin.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/indexAdmin.template</td>
+</tr>
+<tr>
+<td>docroot/tus/new.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/new.template</td>
+</tr>
+<tr>
+<td>docroot/tus/revoke.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/revoke.template</td>
+</tr>
+<tr>
+<td>docroot/tus/search.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/search.template</td>
+</tr>
+<tr>
+<td>docroot/tus/searchActivity.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/searchActivity.template</td>
+</tr>
+<tr>
+<td>docroot/tus/searchActivityResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/searchActivityResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/searchAdmin.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/searchAdmin.template</td>
+</tr>
+<tr>
+<td>docroot/tus/searchAdminResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/searchAdminResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/searchCertificateResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/searchCertificateResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/searchResults.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/searchResults.template</td>
+</tr>
+<tr>
+<td>docroot/tus/show.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/show.template</td>
+</tr>
+<tr>
+<td>docroot/tus/showAdmin.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/showAdmin.template</td>
+</tr>
+<tr>
+<td>docroot/tus/showCert.template</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/docroot/tus/showCert.template</td>
+</tr>
+<tr>
+<td>lib/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/</td>
+</tr>
+<tr>
+<td>lib/libldapauth.so</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/libldapauth.so</td>
+</tr>
+<tr>
+<td>lib/libtokendb.so</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/libtokendb.so</td>
+</tr>
+<tr>
+<td>lib/libtps.so</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/libtps.so</td>
+</tr>
+<tr>
+<td>lib/mod_tokendb.so</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/mod_tokendb.so</td>
+</tr>
+<tr>
+<td>lib/mod_tps.so</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/lib/mod_tps.so</td>
+</tr>
+<tr>
+<td>setup/</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/setup/</td>
+</tr>
+<tr>
+<td>setup/addAgents.ldif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/setup/addAgents.ldif</td>
+</tr>
+<tr>
+<td>setup/addIndexes.ldif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/setup/addIndexes.ldif</td>
+</tr>
+<tr>
+<td>setup/addTokens.ldif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/setup/addTokens.ldif</td>
+</tr>
+<tr>
+<td>setup/addVLVIndexes.ldif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/setup/addVLVIndexes.ldif</td>
+</tr>
+<tr>
+<td>setup/schemaMods.ldif</td>
+<td>&lt;pki_server_root&gt;/&lt;common_subsystems_area&gt;/&lt;common_tps_subsystems&gt;/setup/schemaMods.ldif</td>
+</tr>
+</table>
+</ul>
+
+<h2>Inventory of cs-tps-devel-{version} Package</h2>
+<ul>
+<table border=1>
+<tr>
+<th>Packaged File</th>
+<th>Unpackaged File</th>
+</tr>
+<tr>
+<td>include/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/APDU_Response.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Create_Object_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Create_Pin_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Delete_File_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/External_Authenticate_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Format_Muscle_Applet_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Generate_Key_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Get_Data_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Get_Status_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Get_Version_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Import_Key_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Import_Key_Enc_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Initialize_Update_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Install_Applet_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Install_Load_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Lifecycle_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/List_Objects_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/List_Pins_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Load_File_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Put_Key_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Read_Buffer_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Read_Object_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Select_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Set_Pin_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Unblock_Pin_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/apdu/Write_Object_APDU.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/authentication/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/authentication/AuthParams.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/authentication/Authentication.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/authentication/LDAP_Authentication.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/channel/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/channel/Channel.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/channel/Secure_Channel.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/cms/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/cms/CertEnroll.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/cms/ConnectionInfo.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/cms/HttpConnection.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/engine/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/engine/RA.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/AccessLogger.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Auth.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ByteBuffer.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/CERTUtil.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Cache.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Connection.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ConnectionListener.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/DebugLogger.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Defines.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ErrorLogger.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Iterator.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/LogRotationTask.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Logger.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/NSPRerrs.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSBuddy.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSBuddyCache.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSBuddyList.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSBuddyListener.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSBuddyService.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSCertExtension.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSCommonLib.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSConfig.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSConfigManager.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSConfigReader.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSCrypt.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSDataSourceListener.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSDataSourceManager.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSGroup.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSGroupCache.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSHelper.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSListener.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSPRUtil.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSPlugin.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSPluginManager.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSServer.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSServerLib.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSServerListener.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSServerManager.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSServiceListener.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSServiceManager.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSUser.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PSWaspLib.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Pool.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PresenceManager.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PresenceServer.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/PresenceServerImpl.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/SECerrs.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/SSLServerSocket.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/SSLSocket.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/SSLerrs.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ScheduledTask.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Scheduler.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/SecurityHeaders.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ServerConnection.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ServerHeaderProcessor.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ServerSocket.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/Socket.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/SocketINC.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/SocketLib.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/StringList.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/StringUtil.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/TaskList.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/ThreadPool.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/URLUtil.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/engine.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/http.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/request.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/httpClient/httpc/response.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/RA_pblock.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/AttributeSpec.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/AuthenticationEntry.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/Base.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/Buffer.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/ConfigStore.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/Login.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/Memory.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/MemoryMgr.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/NameValueSet.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/ObjectSpec.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/PKCS11Obj.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/PublishEntry.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/RA_Context.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/RA_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/RA_Session.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/SecureId.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/main/Util.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/modules/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/modules/tps/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/modules/tps/AP_Context.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/modules/tps/AP_Session.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_ASQ_Request_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_ASQ_Response_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Begin_Op_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_End_Op_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Extended_Login_Request_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Extended_Login_Response_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Login_Request_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Login_Response_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_New_Pin_Request_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_New_Pin_Response_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_SecureId_Request_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_SecureId_Response_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Status_Update_Request_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Status_Update_Response_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Token_PDU_Request_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/msg/RA_Token_PDU_Response_Msg.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/processor/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/processor/RA_Enroll_Processor.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/processor/RA_Format_Processor.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/processor/RA_Pin_Reset_Processor.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/processor/RA_Processor.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/processor/RA_Renew_Processor.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/processor/RA_Unblock_Processor.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/publisher/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/publisher/IConnector.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/publisher/IPublish_Data.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/publisher/IPublisher.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/publisher/NetkeyPublisher.h</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/tus/</td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td>include/tus/tus_db.h</td>
+<td>&nbsp;</td>
+</tr>
+</table>
+</ul>
+</body>
+</html>
+