diff options
author | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-09 02:14:47 +0000 |
---|---|---|
committer | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-09 02:14:47 +0000 |
commit | ce842117d0e57ef7ef31c4e54fd955fab25b80d9 (patch) | |
tree | c39375dae59a8fa82a5438638e29325a5afc5ae5 /pki/base/ra | |
parent | fee1581f2f47074cac4ab0641ffc078df242d58c (diff) | |
download | pki-ce842117d0e57ef7ef31c4e54fd955fab25b80d9.tar.gz pki-ce842117d0e57ef7ef31c4e54fd955fab25b80d9.tar.xz pki-ce842117d0e57ef7ef31c4e54fd955fab25b80d9.zip |
Bugzilla Bug #501081 - remove mod_revocator rpm as a dependency.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@568 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ra')
-rw-r--r-- | pki/base/ra/apache/conf/httpd.conf | 4 | ||||
-rw-r--r-- | pki/base/ra/apache/conf/revocator.conf | 19 | ||||
-rwxr-xr-x | pki/base/ra/lib/perl/PKI/RA/DonePanel.pm | 38 |
3 files changed, 0 insertions, 61 deletions
diff --git a/pki/base/ra/apache/conf/httpd.conf b/pki/base/ra/apache/conf/httpd.conf index 6dcebf33a..b3e36d279 100644 --- a/pki/base/ra/apache/conf/httpd.conf +++ b/pki/base/ra/apache/conf/httpd.conf @@ -254,8 +254,6 @@ LoadModule negotiation_module [FORTITUDE_LIB_DIR]/modules/mod_negotiation.so LoadModule cgi_module [FORTITUDE_LIB_DIR]/modules/mod_cgi.so # Required module for commands in nss.conf: [FORTITUDE_NSS_MODULES] -# Required module for commands in revocator.conf: -[FORTITUDE_REVOCATOR_MODULES] <Location /nk_service> SetHandler nk_service @@ -1040,8 +1038,6 @@ BrowserMatch "^gnome-vfs" redirect-carefully #</IfModule> Include [SERVER_ROOT]/conf/nss.conf -Include [SERVER_ROOT]/conf/revocator.conf - ### Section 3: Virtual Hosts # # VirtualHost: If you want to maintain multiple domains/hostnames on your diff --git a/pki/base/ra/apache/conf/revocator.conf b/pki/base/ra/apache/conf/revocator.conf deleted file mode 100644 index 904b7f837..000000000 --- a/pki/base/ra/apache/conf/revocator.conf +++ /dev/null @@ -1,19 +0,0 @@ -# CRL Engine Switch: -# Enable/Disable CRL retrieval - -CRLEngine off - -# CRL Age Check Switch: -# Shut the server down if a CRL expires -CRLAgeCheck off - -# CRL Update Critical Switch: -# Shut the server down if a CRL cannot be retrieved -CRLUpdateCritical off - -# CRL URLs: -# A space delimited list of URLs to retrieve and install. -# protocol://urldata;update_interval;max_age -#CRLFile "ldap://ldap.example.com:5000/o=example.net?usercertificate%3binary?sub?(sn=Jensen)??;30;30" -#CRLFile "exec:///usr/sbin/ldapget|ldap://ldap.example.com:3389/o=example.com?userCertificate%3bbinary?sub?(uid=crl)??;30;30" -#CRLFile "https://ca.example.com:1025/getCRL?op=getCRL&issuepoint=MasterCRL;30;30" diff --git a/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm b/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm index 87d8bd8c4..f5e86fc6b 100755 --- a/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm +++ b/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm @@ -333,44 +333,6 @@ sub display system( "rm $instDir/conf/nss.conf.tmp" ); } - # Rewrite "revocator.conf", activating the CRLEngine, and appending - # the security domain getCRL URL to end of the file - open( TMP_REVOCATOR_CONF, ">$instDir/conf/revocator.conf.tmp" ); - system( "chmod 00660 $instDir/conf/revocator.conf.tmp" ); - open( REVOCATOR_CONF, "<$instDir/conf/revocator.conf" ); - while( <REVOCATOR_CONF> ) { - if( /^CRLEngine/ ) { - # Bugzilla Bug #493122: Activate CRLEngine on RHEL, - # but NOT on Fedora! - if( -e "/etc/fedora-release" ) { - print TMP_REVOCATOR_CONF "CRLEngine off\n"; - } else { - # Bugzilla Bug #498528 Disable mod_revocator on RHEL - # since it will no longer work - # with the updated mod_nss which - # is required for HSMs - print TMP_REVOCATOR_CONF "CRLEngine off\n"; - } - } else { - print TMP_REVOCATOR_CONF $_; - } - } - # Append security domain getCRL URL to end of "revocator.conf.tmp" - print TMP_REVOCATOR_CONF "CRLFile \"" . $sdom - . "/ca/ee/ca/getCRL?op=getCRL&crlIssuingPoint=MasterCRL;60;60\"\n"; - close( REVOCATOR_CONF ); - close( TMP_REVOCATOR_CONF ); - - # Create a copy of the original file which - # preserves the original file permissions - system( "cp -p $instDir/conf/revocator.conf.tmp " - . "$instDir/conf/revocator.conf" ); - - # Remove the original file only if the backup copy was successful - if( -e "$instDir/conf/revocator.conf" ) { - system( "rm $instDir/conf/revocator.conf.tmp" ); - } - &PKI::RA::Wizard::debug_log("DonePanel: Connecting to Security Domain"); my $machineName = $::config->get("service.machineName"); |