Lightweight CAs: add IPACustodiaKeyRetriever

Add 'IPACustodiaKeyRetriever', a 'KeyRetriever' implementation for use when Dogtag is deployed as a FreeIPA CA. The Java class invokes 'pki-ipa-retrieve-key', a Python script that retrieves lightweight CA keys from the Custodia server on a replica that possesses the keys. 'pki-ipa-retrieve-key' depends on FreeIPA libraries, FreeIPA server configuration, and Kerberos and Custodia keys owned by 'pkiuser'. Part of: https://fedorahosted.org/pki/ticket/1625
author: Fraser Tweedale <ftweedal@redhat.com> 2016-04-08 22:23:42 +1000
committer: Fraser Tweedale <ftweedal@redhat.com> 2016-05-03 11:42:49 +1000
commit: a2a4117dbc7e489cbb1964d6ce5f95b786a03fde (patch)
tree: 7a8ccedb469915d7755d4a021905664c395f6273 /specs
parent: 94ee373d053b34e534fbb61826e586693a38c934 (diff)
download: pki-a2a4117dbc7e489cbb1964d6ce5f95b786a03fde.tar.gz
pki-a2a4117dbc7e489cbb1964d6ce5f95b786a03fde.tar.xz
pki-a2a4117dbc7e489cbb1964d6ce5f95b786a03fde.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/specs/pki-core.spec b/specs/pki-core.spec
index bce6bd2d2..509ecdafa 100644
--- a/specs/pki-core.spec
+++ b/specs/pki-core.spec
@@ -1007,6 +1007,7 @@ systemctl daemon-reload
 %{_sbindir}/pki-server
 %{_sbindir}/pki-server-nuxwdog
 %{_sbindir}/pki-server-upgrade
+%{_libexecdir}/pki-ipa-retrieve-key
 %{python2_sitelib}/pki/server/
 %dir %{_datadir}/pki/deployment
 %{_datadir}/pki/deployment/config/
author	Fraser Tweedale <ftweedal@redhat.com>	2016-04-08 22:23:42 +1000
committer	Fraser Tweedale <ftweedal@redhat.com>	2016-05-03 11:42:49 +1000
commit	a2a4117dbc7e489cbb1964d6ce5f95b786a03fde (patch)
tree	7a8ccedb469915d7755d4a021905664c395f6273 /specs
parent	94ee373d053b34e534fbb61826e586693a38c934 (diff)
download	pki-a2a4117dbc7e489cbb1964d6ce5f95b786a03fde.tar.gz pki-a2a4117dbc7e489cbb1964d6ce5f95b786a03fde.tar.xz pki-a2a4117dbc7e489cbb1964d6ce5f95b786a03fde.zip