Updated instructions to customize TPS token lifecycle.

The TPS's CS.cfg and token-states.properties have been updated to include instructions to customize token state transitions and labels. https://fedorahosted.org/pki/ticket/2300
author: Endi S. Dewata <edewata@redhat.com> 2016-06-15 07:18:47 +0200
committer: Endi S. Dewata <edewata@redhat.com> 2016-06-16 04:22:06 +0200
commit: f91ca26abeeb2d18659ce7255764d99a3ac81d0d (patch)
tree: b4aa71619c955b565d0929b9de1e46b51bcd5ccd /base
parent: 61e5bff2bc89edf96c90d8ff063529af213afcbe (diff)
download: pki-f91ca26abeeb2d18659ce7255764d99a3ac81d0d.tar.gz
pki-f91ca26abeeb2d18659ce7255764d99a3ac81d0d.tar.xz
pki-f91ca26abeeb2d18659ce7255764d99a3ac81d0d.zip
3 files changed, 26 insertions, 12 deletions
diff --git a/base/tps-client/doc/CS.cfg b/base/tps-client/doc/CS.cfg
index 6903a4bd5..db9452a61 100644
--- a/base/tps-client/doc/CS.cfg
+++ b/base/tps-client/doc/CS.cfg
@@ -1489,9 +1489,10 @@ tokendb._071=#     SUSPENDED = 3,
 tokendb._072=#     ACTIVE = 4,
 tokendb._073=#     TERMINATED = 6,
 tokendb._074=#     UNFORMATTED = 7
-tokendb._075=# Note: Default transitions can be removed from the list if necessary.
-tokendb._076=# Do not add other transitions since they may not be supported.
-tokendb._077=#########################################
+tokendb._075=# Note: Transitions can be removed from the list if necessary.
+tokendb._076=# Do not add new transitions unless they were originally in the list.
+tokendb._077=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg.
+tokendb._078=#########################################
 tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log
 tokendb.hostport=[TOKENDB_HOST]:[TOKENDB_PORT]
 tokendb.ssl=false
@@ -1597,9 +1598,10 @@ tps._009=#   - token operations, like formatting and enrollment have transitions
 tps._010=#     FORMATTED = 0,
 tps._011=#     ACTIVE = 4,
 tps._012=#     UNFORMATTED = 7
-tps._013=# Note: Default transitions can be removed from the list if necessary.
-tps._014=# Do not add other transitions since they may not be supported.
-tps._015=########################################
+tps._013=# Note: Transitions can be removed from the list if necessary.
+tps._014=# Do not add new transitions unless they were originally in the list.
+tps._015=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg.
+tps._016=########################################
 tps.operations.allowedTransitions=0:0,0:4,4:4,4:0,7:0
 tps.cert.list=sslserver,subsystem,audit_signing
 tps.cert.sslserver.nickname=[HSM_LABEL][NICKNAME]
diff --git a/base/tps/shared/conf/CS.cfg b/base/tps/shared/conf/CS.cfg
index 90d1747dd..70a83308f 100644
--- a/base/tps/shared/conf/CS.cfg
+++ b/base/tps/shared/conf/CS.cfg
@@ -1971,9 +1971,10 @@ tokendb._071=#     SUSPENDED = 3,
 tokendb._072=#     ACTIVE = 4,
 tokendb._073=#     TERMINATED = 6,
 tokendb._074=#     UNFORMATTED = 7
-tokendb._075=# Note: Default transitions can be removed from the list if necessary.
-tokendb._076=# Do not add other transitions since they may not be supported.
-tokendb._077=#########################################
+tokendb._075=# Note: Transitions can be removed from the list if necessary.
+tokendb._076=# Do not add new transitions unless they were originally in the list.
+tokendb._077=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg.
+tokendb._078=#########################################
 tokendb.activityBaseDN=ou=Activities,[TOKENDB_ROOT]
 tokendb.addConfigTemplate=addConfig.template
 tokendb.addResultTemplate=addResults.template
@@ -2038,9 +2039,10 @@ tps._009=#   - token operations, like formatting and enrollment have transitions
 tps._010=#     FORMATTED = 0,
 tps._011=#     ACTIVE = 4,
 tps._012=#     UNFORMATTED = 7
-tps._013=# Note: Default transitions can be removed from the list if necessary.
-tps._014=# Do not add other transitions since they may not be supported.
-tps._015=########################################
+tps._013=# Note: Transitions can be removed from the list if necessary.
+tps._014=# Do not add new transitions unless they were originally in the list.
+tps._015=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg.
+tps._016=########################################
 tps.cert.audit_signing.certusage=ObjectSigner
 tps.cert.audit_signing.nickname=[HSM_LABEL][NICKNAME]
 tps.cert.list=sslserver,subsystem,audit_signing
diff --git a/base/tps/shared/conf/token-states.properties b/base/tps/shared/conf/token-states.properties
index 4c972f3b1..99ade3d77 100644
--- a/base/tps/shared/conf/token-states.properties
+++ b/base/tps/shared/conf/token-states.properties
@@ -1,3 +1,13 @@
+# To customize the state and transition labels, copy this file into
+# /var/lib/pki/<instance>/tps/conf then change the labels as needed.
+# Do not define new states or transitions since they will not be
+# supported.
+#
+# To customize the transitions, edit the following properties in
+# /var/lib/pki/<instance>/tps/conf/CS.cfg:
+# - tokendb.allowedTransitions
+# - tps.operations.allowedTransitions
+
 # Token states
 UNFORMATTED         = Unformatted
 FORMATTED           = Formatted (uninitialized)
author	Endi S. Dewata <edewata@redhat.com>	2016-06-15 07:18:47 +0200
committer	Endi S. Dewata <edewata@redhat.com>	2016-06-16 04:22:06 +0200
commit	f91ca26abeeb2d18659ce7255764d99a3ac81d0d (patch)
tree	b4aa71619c955b565d0929b9de1e46b51bcd5ccd /base
parent	61e5bff2bc89edf96c90d8ff063529af213afcbe (diff)
download	pki-f91ca26abeeb2d18659ce7255764d99a3ac81d0d.tar.gz pki-f91ca26abeeb2d18659ce7255764d99a3ac81d0d.tar.xz pki-f91ca26abeeb2d18659ce7255764d99a3ac81d0d.zip