diff options
| author | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-23 18:37:28 +0000 |
|---|---|---|
| committer | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-23 18:37:28 +0000 |
| commit | dcbedb00e5fae3d56bf8091b54773b8f18d4d3ad (patch) | |
| tree | ddaeb25344e5e2c1379cd588632a1a926de577ff /pki/base/ocsp | |
| parent | 216293aca940f20c72ad5a388f2926657acabe03 (diff) | |
| download | pki-dcbedb00e5fae3d56bf8091b54773b8f18d4d3ad.tar.gz pki-dcbedb00e5fae3d56bf8091b54773b8f18d4d3ad.tar.xz pki-dcbedb00e5fae3d56bf8091b54773b8f18d4d3ad.zip | |
Resolves #712931 - CS requires too many ports to be open in the FW
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2160 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ocsp')
| -rw-r--r-- | pki/base/ocsp/shared/conf/CS.cfg.in | 2 | ||||
| -rw-r--r-- | pki/base/ocsp/shared/conf/server.xml | 8 | ||||
| -rw-r--r-- | pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml | 22 |
3 files changed, 28 insertions, 4 deletions
diff --git a/pki/base/ocsp/shared/conf/CS.cfg.in b/pki/base/ocsp/shared/conf/CS.cfg.in index 309417641..4cd234c84 100644 --- a/pki/base/ocsp/shared/conf/CS.cfg.in +++ b/pki/base/ocsp/shared/conf/CS.cfg.in @@ -26,6 +26,8 @@ preop.product.name=CS preop.product.version=@VERSION@ preop.system.name=OCSP preop.system.fullname=OCSP Responder +proxy.securePort=[PKI_PROXY_SECURE_PORT] +proxy.unsecurePort=[PKI_PROXY_UNSECURE_PORT] preop.configModules.module0.userFriendlyName=NSS Internal PKCS #11 Module preop.configModules.module0.commonName=NSS Internal PKCS #11 Module preop.configModules.module0.imagePath=../img/clearpixel.gif diff --git a/pki/base/ocsp/shared/conf/server.xml b/pki/base/ocsp/shared/conf/server.xml index 856c2c2a5..ff33b9aa4 100644 --- a/pki/base/ocsp/shared/conf/server.xml +++ b/pki/base/ocsp/shared/conf/server.xml @@ -191,10 +191,10 @@ Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) clientAuth="false" sslProtocol="TLS" /> --> - <!-- Define an AJP 1.3 Connector on port 8009 --> -<!-- - <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> ---> + <!-- Define an AJP 1.3 Connector on port [PKI_AJP_PORT] --> +[PKI_OPEN_AJP_PORT_COMMENT] + <Connector port="[PKI_AJP_PORT]" protocol="AJP/1.3" redirectPort="[PKI_AJP_REDIRECT_PORT]" /> +[PKI_CLOSE_AJP_PORT_COMMENT] <!-- An Engine represents the entry point (within Catalina) that processes diff --git a/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml b/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml index ef79e3865..7ac6247e3 100644 --- a/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml +++ b/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml @@ -14,6 +14,12 @@ <param-name>https_port</param-name> <param-value>[PKI_AGENT_SECURE_PORT]</param-value> </init-param> +[PKI_OPEN_ENABLE_PROXY_COMMENT] + <init-param> + <param-name>proxy_port</param-name> + <param-value>[PKI_PROXY_SECURE_PORT]</param-value> + </init-param> +[PKI_CLOSE_ENABLE_PROXY_COMMENT] <init-param> <param-name>active</param-name> <param-value>true</param-value> @@ -27,6 +33,12 @@ <param-name>https_port</param-name> <param-value>[PKI_ADMIN_SECURE_PORT]</param-value> </init-param> +[PKI_OPEN_ENABLE_PROXY_COMMENT] + <init-param> + <param-name>proxy_port</param-name> + <param-value>[PKI_PROXY_SECURE_PORT]</param-value> + </init-param> +[PKI_CLOSE_ENABLE_PROXY_COMMENT] <init-param> <param-name>active</param-name> <param-value>true</param-value> @@ -44,6 +56,16 @@ <param-name>https_port</param-name> <param-value>[PKI_EE_SECURE_PORT]</param-value> </init-param> +[PKI_OPEN_ENABLE_PROXY_COMMENT] + <init-param> + <param-name>proxy_port</param-name> + <param-value>[PKI_PROXY_SECURE_PORT]</param-value> + </init-param> + <init-param> + <param-name>proxy_http_port</param-name> + <param-value>[PKI_PROXY_UNSECURE_PORT]</param-value> + </init-param> +[PKI_CLOSE_ENABLE_PROXY_COMMENT] <init-param> <param-name>active</param-name> <param-value>true</param-value> |