authorRoshni Pattath <rpattath@redhat.com>2014-12-03 22:22:02 -0500
committerRoshni Pattath <rpattath@redhat.com>2014-12-03 22:23:28 -0500
commitea3e179baf473b159942cdc0246226c4561fb754 (patch)
tree1603d23502beb6fac09fabf515ede0cf5cd2daba /tests
parentcda03aebb5245701f95ca5c929dc2e9b626eacbf (diff)
RHEL 7.1 bug verification automation
Diffstat (limited to 'tests')
-rwxr-xr-xtests/dogtag/acceptance/bugzilla/bug_setup.sh245
-rwxr-xr-xtests/dogtag/acceptance/bugzilla/bug_uninstall.sh66
-rwxr-xr-xtests/dogtag/acceptance/bugzilla/jss-bugs/bug-1040640.sh82
-rwxr-xr-xtests/dogtag/acceptance/bugzilla/jss-bugs/bug-1133718.sh76
-rwxr-xr-xtests/dogtag/acceptance/bugzilla/pki-core-bugs/bug-790924.sh133
-rwxr-xr-xtests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1058366.sh92
-rwxr-xr-xtests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1084224.sh233
7 files changed, 927 insertions, 0 deletions
diff --git a/tests/dogtag/acceptance/bugzilla/bug_setup.sh b/tests/dogtag/acceptance/bugzilla/bug_setup.sh
new file mode 100755
index 000000000..d4bd1aa62
--- /dev/null
+++ b/tests/dogtag/acceptance/bugzilla/bug_setup.sh
@@ -0,0 +1,245 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/dogtag/acceptance/bugzilla/
+# Description: CS-backup-bug verification
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Authors: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/env.sh
+
+########################################################################
+#pki-user-cli-user-ca.sh should be first executed prior to bug verification
+########################################################################
+
+########################################################################
+# Test Suite Globals
+########################################################################
+BUGCA_LDAP_PORT="1801"
+BUGCA_LDAP_INSTANCE_NAME="pki-ca-bug"
+BUGCA_LDAP_DB_SUFFIX="dc=pki-ca"
+BUGCA_SUBSYSTEM_NAME="BUGCA"
+BUGCA_INSTANCE_CFG="/tmp/bugca_instance.inf"
+BUGCA_INSTANCE_OUT="/tmp/bugca_instance_create.out"
+BUGKRA_INSTANCE_CFG="/tmp/bugkra_instance.inf"
+BUGKRA_INSTANCE_OUT="/tmp/bugkra_instance_create.out"
+BUGOCSP_INSTANCE_CFG="/tmp/bugocsp_instance.inf"
+BUGOCSP_INSTANCE_OUT="/tmp/bugocsp_instance_create.out"
+BUGTKS_INSTANCE_CFG="/tmp/bugtks_instance.inf"
+BUGTKS_INSTANCE_OUT="/tmp/bugtks_instance_create.out"
+BUGCA_TOMCAT_INSTANCE_NAME="pki-ca-bug"
+BUGCA_ADMIN_PASSWORD="Secret123"
+BUGCA_CLIENT_PKCS12_PASSWORD="Secret123"
+BUGCA_HTTP_PORT="30051"
+BUGCA_HTTPS_PORT="30050"
+BUGCA_TOMCAT_SERVER_PORT="30052"
+BUGCA_SEC_DOMAIN_HTTPS_PORT="30050"
+BUGCA_SEC_DOMAIN_PASSWORD="Secret123"
+BUG_LDAP_ROOTDN="cn=Directory Manager"
+BUG_LDAP_ROOTDNPWD="Secret123"
+BUGKRA_LDAP_PORT="1802"
+BUGKRA_LDAP_INSTANCE_NAME="pki-kra-bug"
+BUGKRA_LDAP_DB_SUFFIX="dc=pki-kra"
+BUGKRA_SUBSYSTEM_NAME="BUGKRA"
+BUGKRA_PKI_CLIENT_DATABASE_PASSWORD="Secret123"
+BUGKRA_PKI_SECURITY_DOMAIN_USER="caadmin"
+BUGOCSP_LDAP_PORT="1803"
+BUGOCSP_LDAP_INSTANCE_NAME="pki-ocsp-bug"
+BUGOCSP_LDAP_DB_SUFFIX="dc=pki-ocsp"
+BUGOCSP_SUBSYSTEM_NAME="BUGOCSP"
+BUGOCSP_PKI_CLIENT_DATABASE_PASSWORD="Secret123"
+BUGOCSP_PKI_SECURITY_DOMAIN_USER="caadmin"
+BUGTKS_LDAP_PORT="1804"
+BUGTKS_LDAP_INSTANCE_NAME="pki-tks-bug"
+BUGTKS_LDAP_DB_SUFFIX="dc=pki-tks"
+BUGTKS_SUBSYSTEM_NAME="BUGTKS"
+BUGTKS_PKI_CLIENT_DATABASE_PASSWORD="Secret123"
+BUGTKS_PKI_SECURITY_DOMAIN_USER="caadmin"
+BUGCA_CERTDB_DIR="/opt/bugsecdb/bugcerts_db"
+BUGCA_CERTDB_DIR_PASSWORD="Secret123"
+BUGCA_CLIENT_DB_PURGE=True
+BUGCA_CLIENT_DIR="/opt/bugsecdb"
+BUGCA_ADMIN_CERT_NICKNAME="bugcaadmincert"
+BUGCA_ADMIN_IMPORT_CERT=False
+BUGCA_BACKUP=True
+BUGCA_BACKUP_PASSWORD="Secret123"
+BUGKRA_ADMIN_CERT_NICKNAME="bugkraadmincert"
+BUGKRA_ADMIN_IMPORT_CERT=True
+BUGOCSP_ADMIN_CERT_NICKNAME="bugocspadmincert"
+BUGOCSP_ADMIN_CERT_NICKNAME="bugtksadmincert"
+run_bug_verification_setup(){
+
+ rlPhaseStartTest "Setting up instance for bug verification"
+
+ rlLog "https://bugzilla.redhat.com/show_bug.cgi?id=1061442"
+ cat /etc/redhat-release | grep "Fedora"
+ if [ $? -eq 0 ] ; then
+ FLAVOR="Fedora"
+ rlLog "Automation is running against Fedora"
+ else
+ FLAVOR="RHEL"
+ rlLog "Automation is running against RHEL"
+ fi
+ rhcs_install_set_ldap_vars
+ #rlRun "mkdir $BUGCA_CERTDB_DIR"
+ rlRun "rhds_install $BUGCA_LDAP_PORT $BUGCA_LDAP_INSTANCE_NAME \"$BUG_LDAP_ROOTDN\" $BUG_LDAP_ROOTDNPWD $BUGCA_LDAP_DB_SUFFIX $BUGCA_SUBSYSTEM_NAME"
+ echo "[DEFAULT]" > $BUGCA_INSTANCE_CFG
+ echo "pki_instance_name=$BUGCA_TOMCAT_INSTANCE_NAME" >> $BUGCA_INSTANCE_CFG
+ echo "pki_https_port=$BUGCA_HTTPS_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_http_port=$BUGCA_HTTP_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_tomcat_server_port=$BUGCA_TOMCAT_SERVER_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_admin_password=$BUGCA_ADMIN_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_pkcs12_password=$BUGCA_CLIENT_PKCS12_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_database=$BUGCA_LDAP_INSTANCE_NAME" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_ldap_port=$BUGCA_LDAP_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_base_dn=$BUGCA_LDAP_DB_SUFFIX" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_bind_dn=$BUG_LDAP_ROOTDN" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_password=$BUG_LDAP_ROOTDNPWD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_security_domain_https_port=$BUGCA_SEC_DOMAIN_HTTPS_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_security_domain_password=$BUGCA_SEC_DOMAIN_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_admin_nickname=$BUGCA_ADMIN_CERT_NICKNAME" >> $BUGCA_INSTANCE_CFG
+ echo "pki_import_admin_cert=$BUGCA_ADMIN_IMPORT_CERT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_dir=$BUGCA_CLIENT_DIR" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_admin_cert_p12=$BUGCA_CLIENT_DIR/$BUGCA_ADMIN_CERT_NICKNAME.p12" >> $BUGCA_INSTANCE_CFG
+ echo "pki_backup_keys=$BUGCA_BACKUP" >> $BUGCA_INSTANCE_CFG
+ echo "pki_backup_password=$BUGCA_BACKUP_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_database_dir=$BUGCA_CERTDB_DIR" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGCA_CERTDB_DIR_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_database_purge=$BUGCA_CLIENT_DB_PURGE" >> $BUGCA_INSTANCE_CFG
+ rlRun "pkispawn -s CA -v -f $BUGCA_INSTANCE_CFG > $BUGCA_INSTANCE_OUT"
+ rlRun "sleep 10"
+ BUGCA_SERVER_ROOT="/var/lib/pki/$BUGCA_TOMCAT_INSTANCE_NAME/ca"
+ rlRun "install_and_trust_CA_cert $BUGCA_SERVER_ROOT $BUGCA_CERTDB_DIR"
+
+ # Create a KRA instance
+
+ rlRun "rhds_install $BUGKRA_LDAP_PORT $BUGKRA_LDAP_INSTANCE_NAME \"$BUG_LDAP_ROOTDN\" $BUG_LDAP_ROOTDNPWD $BUGKRA_LDAP_DB_SUFFIX $BUGKRA_SUBSYSTEM_NAME"
+ echo "[DEFAULT]" > $BUGKRA_INSTANCE_CFG
+ echo "pki_instance_name=$BUGCA_TOMCAT_INSTANCE_NAME" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_https_port=$BUGCA_HTTPS_PORT" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_http_port=$BUGCA_HTTP_PORT" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_tomcat_server_port=$BUGCA_TOMCAT_SERVER_PORT" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_admin_password=$BUGCA_ADMIN_PASSWORD" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_client_pkcs12_password=$BUGCA_CLIENT_PKCS12_PASSWORD" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_ds_database=$BUGKRA_LDAP_INSTANCE_NAME" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_ds_ldap_port=$BUGKRA_LDAP_PORT" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_ds_base_dn=$BUGKRA_LDAP_DB_SUFFIX" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_ds_bind_dn=$BUG_LDAP_ROOTDN" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_ds_password=$BUG_LDAP_ROOTDNPWD" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_security_domain_hostname=$MASTER" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_security_domain_https_port=$BUGCA_SEC_DOMAIN_HTTPS_PORT" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_security_domain_password=$BUGCA_SEC_DOMAIN_PASSWORD" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_security_domain_user=$BUGKRA_PKI_SECURITY_DOMAIN_USER" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGKRA_PKI_CLIENT_DATABASE_PASSWORD" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_admin_nickname=$BUGKRA_ADMIN_CERT_NICKNAME" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_import_admin_cert=$BUGKRA_ADMIN_IMPORT_CERT" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_client_dir=$BUGCA_CLIENT_DIR" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_client_admin_cert_p12=$BUGCA_CLIENT_DIR/$BUGKRA_ADMIN_CERT_NICKNAME.p12" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_backup_keys=$BUGCA_BACKUP" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_backup_password=$BUGCA_BACKUP_PASSWORD" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_client_database_dir=$BUGCA_CERTDB_DIR" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGCA_CERTDB_DIR_PASSWORD" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_client_database_purge=$BUGCA_CLIENT_DB_PURGE" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_issuing_ca_hostname=$MASTER" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_issuing_ca_https_port=$BUGCA_HTTPS_PORT" >> $BUGKRA_INSTANCE_CFG
+ echo "pki_issuing_ca_uri=https://$MASTER:$BUGCA_HTTPS_PORT" >> $BUGKRA_INSTANCE_CFG
+ rlRun "pkispawn -s KRA -v -f $BUGKRA_INSTANCE_CFG > $BUGKRA_INSTANCE_OUT"
+ rlRun "sleep 10"
+
+ # Create a OCSP instance
+
+ rlRun "rhds_install $BUGOCSP_LDAP_PORT $BUGOCSP_LDAP_INSTANCE_NAME \"$BUG_LDAP_ROOTDN\" $BUG_LDAP_ROOTDNPWD $BUGOCSP_LDAP_DB_SUFFIX $BUGOCSP_SUBSYSTEM_NAME"
+ echo "[DEFAULT]" > $BUGOCSP_INSTANCE_CFG
+ echo "pki_instance_name=$BUGCA_TOMCAT_INSTANCE_NAME" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_https_port=$BUGCA_HTTPS_PORT" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_http_port=$BUGCA_HTTP_PORT" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_tomcat_server_port=$BUGCA_TOMCAT_SERVER_PORT" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_admin_password=$BUGCA_ADMIN_PASSWORD" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_client_pkcs12_password=$BUGCA_CLIENT_PKCS12_PASSWORD" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_ds_database=$BUGOCSP_LDAP_INSTANCE_NAME" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_ds_ldap_port=$BUGOCSP_LDAP_PORT" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_ds_base_dn=$BUGOCSP_LDAP_DB_SUFFIX" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_ds_bind_dn=$BUG_LDAP_ROOTDN" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_ds_password=$BUG_LDAP_ROOTDNPWD" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_security_domain_hostname=$MASTER" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_security_domain_https_port=$BUGCA_SEC_DOMAIN_HTTPS_PORT" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_security_domain_password=$BUGCA_SEC_DOMAIN_PASSWORD" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_security_domain_user=$BUGOCSP_PKI_SECURITY_DOMAIN_USER" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGOCSP_PKI_CLIENT_DATABASE_PASSWORD" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_admin_nickname=$BUGOCSP_ADMIN_CERT_NICKNAME" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_import_admin_cert=$BUGKRA_ADMIN_IMPORT_CERT" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_client_dir=$BUGCA_CLIENT_DIR" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_client_admin_cert_p12=$BUGCA_CLIENT_DIR/$BUGOCSP_ADMIN_CERT_NICKNAME.p12" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_backup_keys=$BUGCA_BACKUP" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_backup_password=$BUGCA_BACKUP_PASSWORD" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_client_database_dir=$BUGCA_CERTDB_DIR" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGCA_CERTDB_DIR_PASSWORD" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_client_database_purge=$BUGCA_CLIENT_DB_PURGE" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_issuing_ca_hostname=$MASTER" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_issuing_ca_https_port=$BUGCA_HTTPS_PORT" >> $BUGOCSP_INSTANCE_CFG
+ echo "pki_issuing_ca_uri=https://$MASTER:$BUGCA_HTTPS_PORT" >> $BUGOCSP_INSTANCE_CFG
+ rlRun "pkispawn -s OCSP -v -f $BUGOCSP_INSTANCE_CFG > $BUGOCSP_INSTANCE_OUT"
+ rlRun "sleep 10"
+
+ # Create a TKS instance
+
+ rlRun "rhds_install $BUGTKS_LDAP_PORT $BUGTKS_LDAP_INSTANCE_NAME \"$BUG_LDAP_ROOTDN\" $BUG_LDAP_ROOTDNPWD $BUGTKS_LDAP_DB_SUFFIX $BUGTKS_SUBSYSTEM_NAME"
+ echo "[DEFAULT]" > $BUGTKS_INSTANCE_CFG
+ echo "pki_instance_name=$BUGCA_TOMCAT_INSTANCE_NAME" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_https_port=$BUGCA_HTTPS_PORT" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_http_port=$BUGCA_HTTP_PORT" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_tomcat_server_port=$BUGCA_TOMCAT_SERVER_PORT" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_admin_password=$BUGCA_ADMIN_PASSWORD" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_client_pkcs12_password=$BUGCA_CLIENT_PKCS12_PASSWORD" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_ds_database=$BUGTKS_LDAP_INSTANCE_NAME" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_ds_ldap_port=$BUGTKS_LDAP_PORT" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_ds_base_dn=$BUGTKS_LDAP_DB_SUFFIX" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_ds_bind_dn=$BUG_LDAP_ROOTDN" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_ds_password=$BUG_LDAP_ROOTDNPWD" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_security_domain_hostname=$MASTER" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_security_domain_https_port=$BUGCA_SEC_DOMAIN_HTTPS_PORT" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_security_domain_password=$BUGCA_SEC_DOMAIN_PASSWORD" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_security_domain_user=$BUGTKS_PKI_SECURITY_DOMAIN_USER" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGTKS_PKI_CLIENT_DATABASE_PASSWORD" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_admin_nickname=$BUGTKS_ADMIN_CERT_NICKNAME" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_import_admin_cert=$BUGKRA_ADMIN_IMPORT_CERT" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_client_dir=$BUGCA_CLIENT_DIR" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_client_admin_cert_p12=$BUGCA_CLIENT_DIR/$BUGTKS_ADMIN_CERT_NICKNAME.p12" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_backup_keys=$BUGCA_BACKUP" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_backup_password=$BUGCA_BACKUP_PASSWORD" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_client_database_dir=$BUGCA_CERTDB_DIR" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGCA_CERTDB_DIR_PASSWORD" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_client_database_purge=$BUGCA_CLIENT_DB_PURGE" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_issuing_ca_hostname=$MASTER" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_issuing_ca_https_port=$BUGCA_HTTPS_PORT" >> $BUGTKS_INSTANCE_CFG
+ echo "pki_issuing_ca_uri=https://$MASTER:$BUGCA_HTTPS_PORT" >> $BUGTKS_INSTANCE_CFG
+ rlRun "pkispawn -s TKS -v -f $BUGTKS_INSTANCE_CFG > $BUGTKS_INSTANCE_OUT"
+ rlRun "sleep 10"
+ rlPhaseEnd
+
+}
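Review bot: `BUGOCSP_ADMIN_CERT_NICKNAME` is assigned twice at the end of the globals block and `BUGTKS_ADMIN_CERT_NICKNAME` is never set in this file, so the TKS section writes an empty `pki_admin_nickname=` and a `pki_client_admin_cert_p12` of `/opt/bugsecdb/.p12`, while the OCSP admin cert gets the nickname `bugtksadmincert`. The second assignment should read `BUGTKS_ADMIN_CERT_NICKNAME="bugtksadmincert"`. Separately, the four `*_instance.inf` files carry the admin, directory-manager, PKCS #12 and backup passwords and are created under fixed names in `/tmp` with whatever umask is in effect; setting `umask 077` and creating them with `mktemp` (or in a root-only directory) keeps them unreadable to other local users and avoids writing through a pre-existing file at that path. bug-790924.sh builds `/tmp/bugca_instance.inf` the same way. bug-1058366.sh reads that file by its literal path, so the location would have to be shared through a variable.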
diff --git a/tests/dogtag/acceptance/bugzilla/bug_uninstall.sh b/tests/dogtag/acceptance/bugzilla/bug_uninstall.sh
new file mode 100755
index 000000000..9d40c695b
--- /dev/null
+++ b/tests/dogtag/acceptance/bugzilla/bug_uninstall.sh
@@ -0,0 +1,66 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/dogtag/acceptance/bugzilla/
+# Description: 1058366 bug verification
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Authors: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+########################################################################
+#pki-user-cli-user-ca.sh should be first executed prior to bug verification
+########################################################################
+
+########################################################################
+# Test Suite Globals
+########################################################################
+run_bug-uninstall(){
+
+ rlPhaseStartTest "Bug verification - uninstall instances"
+ rlRun "pkidestroy -s TKS -i pki-ca-bug"
+ rlRun "sleep 10"
+ rlRun "pkidestroy -s OCSP -i pki-ca-bug"
+ rlRun "sleep 10"
+ rlRun "pkidestroy -s KRA -i pki-ca-bug"
+ rlRun "sleep 10"
+ rlRun "pkidestroy -s CA -i pki-ca-bug"
+ rlRun "sleep 10"
+ rlRun "remove-ds.pl -f -i slapd-pki-ca-bug"
+ rlRun "sleep 10"
+ rlRun "remove-ds.pl -f -i slapd-pki-kra-bug"
+ rlRun "sleep 10"
+ rlRun "remove-ds.pl -f -i slapd-pki-ocsp-bug"
+ rlRun "sleep 10"
+ rlRun "remove-ds.pl -f -i slapd-pki-tks-bug"
+ rlRun "sleep 10"
+ rlRun "rm -rf $BUGCA_CERTDB_DIR"
+ rlPhaseEnd
+
+}
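Review bot: The final `rm -rf $BUGCA_CERTDB_DIR` depends on a variable this file never assigns (it is set in bug_setup.sh's globals; whether `env.sh` or the caller also provides it is not visible here), and when it is empty the command runs with no operand, so the phase still passes with the certificate database left in place. Guarding the expansion, for example `rlRun "rm -rf -- \"${BUGCA_CERTDB_DIR:?}\""`, makes that case fail loudly. The cleanup also leaves the `/tmp/bug*_instance.inf` files written by bug_setup.sh on disk, and those contain the instance passwords; removing them here would be worth adding. The header's `Description: 1058366 bug verification` looks copied from another script.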
diff --git a/tests/dogtag/acceptance/bugzilla/jss-bugs/bug-1040640.sh b/tests/dogtag/acceptance/bugzilla/jss-bugs/bug-1040640.sh
new file mode 100755
index 000000000..eca9de24c
--- /dev/null
+++ b/tests/dogtag/acceptance/bugzilla/jss-bugs/bug-1040640.sh
@@ -0,0 +1,82 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/dogtag/acceptance/bugzilla/jss-bugs
+# Description: 1040640 bug verification
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Authors: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+########################################################################
+#bug_setup.sh should be first executed prior to bug verification
+########################################################################
+
+########################################################################
+# Test Suite Globals
+########################################################################
+run_bug-1040640-verification(){
+
+ rlPhaseStartTest "Bug 1040640 - Incorrect OIDs for SHA2 algorithms"
+ BUGCA_DOMAIN=`hostname -d`
+ pkcs10_cert_req_old="$BUGCA_CERTDB_DIR/certReq.p10"
+ pkcs10_cert_req_out_old="$BUGCA_CERTDB_DIR/certReq.p10.cmc"
+ cmc_conf_file_old="$BUGCA_CERTDB_DIR/p10cmc.conf"
+ http_client_rsa_conf_old="$BUGCA_CERTDB_DIR/HttpClientRSA.cfg"
+ http_client_out_old="$BUGCA_CERTDB_DIR/certReq.p10.cmc.response"
+ asn1_out_old="$BUGCA_CERTDB_DIR/asn1.out"
+ rlRun "PKCS10Client -d $BUGCA_CERTDB_DIR -p $BUGCA_CERTDB_DIR_PASSWORD -o $pkcs10_cert_req_old -n \"CN=test1\" -a rsa -l 2048"
+ echo "numRequests=1" >> $cmc_conf_file_old
+ echo "input=$pkcs10_cert_req_old" >> $cmc_conf_file_old
+ echo "output=$pkcs10_cert_req_out_old" >> $cmc_conf_file_old
+ echo "nickname=PKI Administrator for $BUGCA_DOMAIN" >> $cmc_conf_file_old
+ echo "dbdir=$BUGCA_CERTDB_DIR" >> $cmc_conf_file_old
+ echo "password=Secret123" >> $cmc_conf_file_old
+ echo "format=pkcs10" >> $cmc_conf_file_old
+ rlRun "CMCRequest $cmc_conf_file_old"
+ rlRun "sleep 10"
+ echo "host=$MASTER" >> $http_client_rsa_conf_old
+ echo "port=$BUGCA_HTTP_PORT" >> $http_client_rsa_conf_old
+ echo "secure=false" >> $http_client_rsa_conf_old
+ echo "input=$pkcs10_cert_req_out_old" >> $http_client_rsa_conf_old
+ echo "output=$http_client_out_old" >> $http_client_rsa_conf_old
+ echo "dbdir=$BUGCA_CERTDB_DIR" >> $http_client_rsa_conf_old
+ echo "clientmode=false" >> $http_client_rsa_conf_old
+ echo "password=Secret123" >> $http_client_rsa_conf_old
+ echo "nickname=PKI Administrator for $BUGCA_DOMAIN" >> $http_client_rsa_conf_old
+ echo "servlet=/ca/ee/ca/profileSubmitCMCFull" >> $http_client_rsa_conf_old
+ rlRun "HttpClient $http_client_rsa_conf_old"
+ rlRun "sleep 10"
+ rlRun "yum -y install dumpasn1"
+ rlRun "dumpasn1 $http_client_out_old > $asn1_out_old"
+ rlAssertNotGrep "2 16 840 1 101 3 4 1" "$asn1_out_old"
+ rlAssertGrep "2 16 840 1 101 3 4 2 1" "$asn1_out_old"
+ rlPhaseEnd
+
+}
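Review bot: Both generated config files are written only with `>>`, so a second run appends a second set of keys to `p10cmc.conf` and `HttpClientRSA.cfg` if `$BUGCA_CERTDB_DIR` still holds the earlier copies; the first write to each file should truncate, `echo "numRequests=1" > "$cmc_conf_file_old"` and `echo "host=$MASTER" > "$http_client_rsa_conf_old"`. The two `password=Secret123` lines hard-code the NSS database password that the `PKCS10Client` call takes from `$BUGCA_CERTDB_DIR_PASSWORD`; using the variable in both places keeps them in step. `yum -y install dumpasn1` inside the test phase makes the result depend on repository access, so it may belong in setup.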
diff --git a/tests/dogtag/acceptance/bugzilla/jss-bugs/bug-1133718.sh b/tests/dogtag/acceptance/bugzilla/jss-bugs/bug-1133718.sh
new file mode 100755
index 000000000..818c8cd0e
--- /dev/null
+++ b/tests/dogtag/acceptance/bugzilla/jss-bugs/bug-1133718.sh
@@ -0,0 +1,76 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/dogtag/acceptance/bugzilla/jss-bugs
+# Description: 1058366 bug verification
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Authors: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+########################################################################
+#bug_setup.sh should be first executed prior to bug verification
+########################################################################
+
+########################################################################
+# Test Suite Globals
+########################################################################
+run_bug-1133718-verification(){
+
+ rlPhaseStartTest "Bug 1133718 - Key strength validation is not performed for RC4 algorithm"
+ BUGCA_DOMAIN=`hostname -d`
+ rlLog "https://bugzilla.redhat.com/show_bug.cgi?id=1133718"
+ rlLog "pki -d $BUGCA_CERTDB_DIR -c $BUGCA_CERTDB_DIR_PASSWORD -n \"PKI Administrator for $BUGCA_DOMAIN\" -h $MASTER -p $BUGCA_HTTP_PORT key-generate test --key-algorithm RC4 --key-size -1"
+ rlRun "pki -d $BUGCA_CERTDB_DIR -c $BUGCA_CERTDB_DIR_PASSWORD -n \"PKI Administrator for $BUGCA_DOMAIN\" -h $MASTER -p $BUGCA_HTTP_PORT key-generate test --key-algorithm RC4 --key-size -1 > /tmp/kra-key-generate001.out 2>&1" 255 "KRA key generate using key size -1"
+ rlRun "sleep 10"
+ rlAssertGrep "BadRequestException: Invalid key size for this algorithm" "/tmp/kra-key-generate001.out"
+ rlRun "pki -d $BUGCA_CERTDB_DIR -c $BUGCA_CERTDB_DIR_PASSWORD -n \"PKI Administrator for $BUGCA_DOMAIN\" -h $MASTER -p $BUGCA_HTTP_PORT key-generate test --key-algorithm RC4 --key-size 39 > /tmp/kra-key-generate002.out 2>&1" 255 "KRA key generate using key size 39"
+ rlRun "sleep 10"
+ rlAssertGrep "BadRequestException: Invalid key size for this algorithm" "/tmp/kra-key-generate002.out"
+ rlRun "pki -d $BUGCA_CERTDB_DIR -c $BUGCA_CERTDB_DIR_PASSWORD -n \"PKI Administrator for $BUGCA_DOMAIN\" -h $MASTER -p $BUGCA_HTTP_PORT key-generate test --key-algorithm RC4 --key-size 2049 > /tmp/kra-key-generate003.out 2>&1" 255 "KRA key generate using key size 2049"
+ rlRun "sleep 10"
+ rlAssertGrep "BadRequestException: Invalid key size for this algorithm" "/tmp/kra-key-generate003.out"
+ rlRun "pki -d $BUGCA_CERTDB_DIR -c $BUGCA_CERTDB_DIR_PASSWORD -n \"PKI Administrator for $BUGCA_DOMAIN\" -h $MASTER -p $BUGCA_HTTP_PORT key-generate test --key-algorithm RC4 --key-size 40 > /tmp/kra-key-generate004.out 2>&1" 0 "KRA key generate using key size 40"
+ rlRun "sleep 10"
+ rlAssertGrep "Key generation request info" "/tmp/kra-key-generate004.out"
+ rlAssertGrep "Type: symkeyGenRequest" "/tmp/kra-key-generate004.out"
+ rlAssertGrep "Status: complete" "/tmp/kra-key-generate004.out"
+ rlRun "pki -d $BUGCA_CERTDB_DIR -c $BUGCA_CERTDB_DIR_PASSWORD -n \"PKI Administrator for $BUGCA_DOMAIN\" -h $MASTER -p $BUGCA_HTTP_PORT key-generate test1 --key-algorithm RC4 --key-size 100 > /tmp/kra-key-generate005.out 2>&1" 0 "KRA key generate using key size 100"
+ rlRun "sleep 10"
+ rlAssertGrep "Key generation request info" "/tmp/kra-key-generate005.out"
+ rlAssertGrep "Type: symkeyGenRequest" "/tmp/kra-key-generate005.out"
+ rlAssertGrep "Status: complete" "/tmp/kra-key-generate005.out"
+ rlRun "pki -d $BUGCA_CERTDB_DIR -c $BUGCA_CERTDB_DIR_PASSWORD -n \"PKI Administrator for $BUGCA_DOMAIN\" -h $MASTER -p $BUGCA_HTTP_PORT key-generate test2 --key-algorithm RC4 --key-size 2048 > /tmp/kra-key-generate006.out 2>&1" 0 "KRA key generate using key size 2048"
+ rlRun "sleep 10"
+ rlAssertGrep "Key generation request info" "/tmp/kra-key-generate006.out"
+ rlAssertGrep "Type: symkeyGenRequest" "/tmp/kra-key-generate006.out"
+ rlAssertGrep "Status: complete" "/tmp/kra-key-generate006.out"
+ rlPhaseEnd
+
+}
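Review bot: The `rlLog` call near the top of the phase writes the full `pki` command, including the expanded `-c $BUGCA_CERTDB_DIR_PASSWORD`, into the test log; logging the command with the password replaced by a placeholder such as `-c REDACTED` keeps the NSS database password out of stored logs. The six result files are opened with `>` under fixed names `/tmp/kra-key-generate00N.out`, so a pre-existing file or symlink at one of those paths is written through; a per-run directory from `mktemp -d` avoids that. The header's `Description: 1058366 bug verification` does not match this script's bug number, 1133718.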
diff --git a/tests/dogtag/acceptance/bugzilla/pki-core-bugs/bug-790924.sh b/tests/dogtag/acceptance/bugzilla/pki-core-bugs/bug-790924.sh
new file mode 100755
index 000000000..06ea47204
--- /dev/null
+++ b/tests/dogtag/acceptance/bugzilla/pki-core-bugs/bug-790924.sh
@@ -0,0 +1,133 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/dogtag/acceptance/bugzilla/
+# Description: CS-backup-bug verification
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Authors: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/env.sh
+
+########################################################################
+#pki-user-cli-user-ca.sh should be first executed prior to bug verification
+########################################################################
+
+########################################################################
+# Test Suite Globals
+########################################################################
+BUGCA_LDAP_PORT="1801"
+BUGCA_LDAP_INSTANCE_NAME="pki-ca-bug"
+BUGCA_LDAP_DB_SUFFIX="dc=pki-ca"
+BUGCA_SUBSYSTEM_NAME="BUGCA"
+BUGCA_INSTANCE_CFG="/tmp/bugca_instance.inf"
+BUGCA_INSTANCE_OUT="/tmp/bugca_instance_create.out"
+BUGCA_TOMCAT_INSTANCE_NAME="pki-ca-bug"
+BUGCA_ADMIN_PASSWORD="Secret123"
+BUGCA_CLIENT_PKCS12_PASSWORD="Secret123"
+BUGCA_HTTP_PORT="30051"
+BUGCA_HTTPS_PORT="30050"
+BUGCA_TOMCAT_SERVER_PORT="30052"
+BUGCA_SEC_DOMAIN_HTTPS_PORT="30050"
+BUGCA_SEC_DOMAIN_PASSWORD="Secret123"
+BUG_LDAP_ROOTDN="cn=Directory Manager"
+BUG_LDAP_ROOTDNPWD="Secret123"
+BUGCA_CERTDB_DIR="/opt/bugsecdb/bugcerts_db"
+BUGCA_CERTDB_DIR_PASSWORD="Secret123"
+BUGCA_CLIENT_DB_PURGE=True
+BUGCA_CLIENT_DIR="/opt/bugsecdb"
+BUGCA_ADMIN_CERT_NICKNAME="bugcaadmincert"
+BUGCA_ADMIN_IMPORT_CERT=False
+BUGCA_BACKUP=True
+BUGCA_BACKUP_PASSWORD="Secret123"
+BUGCA_SIGNING_CERT_SUBJECT_NAME="CN=PKI EXTCA Signing Cert,O=redhat"
+run_bug_790924(){
+
+ rlPhaseStartTest "Bug 790924 - pkispawn configuration does not provide CA extensions in subordinate certificate signing requests CSR"
+
+ rlLog "https://bugzilla.redhat.com/show_bug.cgi?id=790924"
+ COMMON_SERVER_PACKAGES="bind expect pki-console xmlstarlet dos2unix"
+ RHELRHCS_PACKAGES="pki-base pki-server pki-tools pki-symkey pki-javadoc pki-ca"
+ cat /etc/redhat-release | grep "Fedora"
+ if [ $? -eq 0 ] ; then
+ FLAVOR="Fedora"
+ rlLog "Automation is running against Fedora"
+ else
+ FLAVOR="RHEL"
+ rlLog "Automation is running against RHEL"
+ yum clean all
+ yum -y update
+ #CA install
+ rc=0
+ rlLog "CA instance will be installed on $HOSTNAME"
+ rlLog "yum -y install $COMMON_SERVER_PACKAGES"
+ yum -y install $COMMON_SERVER_PACKAGES
+ rlLog "yum -y install $RHELRHCS_PACKAGES"
+ yum -y install $RHELRHCS_PACKAGES
+ fi
+ rhcs_install_set_ldap_vars
+ # Create DS instance
+ rlRun "rhds_install $BUGCA_LDAP_PORT $BUGCA_LDAP_INSTANCE_NAME \"$BUG_LDAP_ROOTDN\" $BUG_LDAP_ROOTDNPWD $BUGCA_LDAP_DB_SUFFIX $BUGCA_SUBSYSTEM_NAME"
+ # CA config parameters
+ echo "[DEFAULT]" > $BUGCA_INSTANCE_CFG
+ echo "pki_instance_name=$BUGCA_TOMCAT_INSTANCE_NAME" >> $BUGCA_INSTANCE_CFG
+ echo "pki_https_port=$BUGCA_HTTPS_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_http_port=$BUGCA_HTTP_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_tomcat_server_port=$BUGCA_TOMCAT_SERVER_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_admin_password=$BUGCA_ADMIN_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_pkcs12_password=$BUGCA_CLIENT_PKCS12_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_database=$BUGCA_LDAP_INSTANCE_NAME" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_ldap_port=$BUGCA_LDAP_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_base_dn=$BUGCA_LDAP_DB_SUFFIX" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_bind_dn=$BUG_LDAP_ROOTDN" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ds_password=$BUG_LDAP_ROOTDNPWD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_security_domain_https_port=$BUGCA_SEC_DOMAIN_HTTPS_PORT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_security_domain_password=$BUGCA_SEC_DOMAIN_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_admin_nickname=$BUGCA_ADMIN_CERT_NICKNAME" >> $BUGCA_INSTANCE_CFG
+ echo "pki_import_admin_cert=$BUGCA_ADMIN_IMPORT_CERT" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_dir=$BUGCA_CLIENT_DIR" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_admin_cert_p12=$BUGCA_CLIENT_DIR/$BUGCA_ADMIN_CERT_NICKNAME.p12" >> $BUGCA_INSTANCE_CFG
+ echo "pki_backup_keys=$BUGCA_BACKUP" >> $BUGCA_INSTANCE_CFG
+ echo "pki_backup_password=$BUGCA_BACKUP_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_database_dir=$BUGCA_CERTDB_DIR" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_database_password=$BUGCA_CERTDB_DIR_PASSWORD" >> $BUGCA_INSTANCE_CFG
+ echo "pki_client_database_purge=$BUGCA_CLIENT_DB_PURGE" >> $BUGCA_INSTANCE_CFG
+ echo "[CA]" >> $BUGCA_INSTANCE_CFG
+ echo "pki_external=True" >> $BUGCA_INSTANCE_CFG
+ echo "pki_external_csr_path=/tmp/ca_signing.csr" >> $BUGCA_INSTANCE_CFG
+ echo "pki_ca_signing_subject_dn=$BUGCA_SIGNING_CERT_SUBJECT_NAME" >> $BUGCA_INSTANCE_CFG
+ # Create CA instance
+ rlRun "pkispawn -s CA -f $BUGCA_INSTANCE_CFG > $BUGCA_INSTANCE_OUT"
+ rlRun "sleep 10"
+ rlAssertExists "/tmp/ca_signing.csr"
+ rlRun "pkidestroy -s CA -i pki-ca-bug"
+ rlRun "sleep 10"
+ rlRun "remove-ds.pl -f -i slapd-pki-ca-bug"
+ rlRun "sleep 10"
+
+ rlPhaseEnd
+}
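Review bot: The only check after `pkispawn` is `rlAssertExists "/tmp/ca_signing.csr"`, which also passes when the file is left over from an earlier run and says nothing about the CA extensions the bug is about. Removing the file first (`rlRun "rm -f /tmp/ca_signing.csr"`) and then asserting on the decoded request, for example on the output of `openssl req -in /tmp/ca_signing.csr -noout -text`, would tie the result to the fix; which extensions to expect should come from the bug report. The `yum` calls in the RHEL branch run outside `rlRun`, so a failed install is not recorded, and `rc=0` is never read. The globals block repeats the one in bug_setup.sh and could be sourced from one place.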
diff --git a/tests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1058366.sh b/tests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1058366.sh
new file mode 100755
index 000000000..99a6f1f6a
--- /dev/null
+++ b/tests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1058366.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/dogtag/acceptance/bugzilla/
+# Description: 1058366 bug verification
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Authors: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+########################################################################
+#pki-user-cli-user-ca.sh should be first executed prior to bug verification
+########################################################################
+
+########################################################################
+# Test Suite Globals
+########################################################################
+run_bug-1058366-verification(){
+
+ rlPhaseStartTest "bug_1058366: NullPointerException in tomcatjss searching for attribute clientauth"
+ CA_HOST=$MASTER
+ CA_PORT=$(cat /tmp/bugca_instance.inf | grep pki_http_port | cut -d "=" -f2)
+ test1="test_screen"
+ ca_server_xml_file="/var/lib/pki/pki-ca-bug/conf/server.xml"
+ temp_file="$ca_server_xml_file.temp"
+ log_file="/tmp/log_messages"
+ rlLog "https://bugzilla.redhat.com/show_bug.cgi?id=1058366"
+ rlRun "systemctl stop pki-tomcatd@pki-ca-bug.service"
+ rlRun "sleep 10"
+ search_string1="clientAuth=\"want\""
+ search_string2="clientauth=\"want\""
+ search_string3="enableOCSP=\"false\""
+ replace_string3="enableOCSP=\"true\""
+ search_string4="ocspResponderURL=\"http://$MASTER:9080/ca/ocsp\""
+ replace_string4="ocspResponderURL=\"http://$MASTER:$CA_PORT/ca/ocsp\""
+
+ rlAssertGrep "$search_string1" "$ca_server_xml_file"
+ rlAssertNotGrep "$search_string2" "$ca_server_xml_file"
+ rlRun "sed 's/$search_string3/$replace_string3/g' $ca_server_xml_file > $temp_file"
+ rlRun "sleep 10"
+ cp $temp_file $ca_server_xml_file
+ rlRun "sleep 10"
+ rlRun "sed 's#$search_string4#$replace_string4#g' $ca_server_xml_file > $temp_file"
+ rlRun "sleep 10"
+ cp $temp_file $ca_server_xml_file
+ rlRun "sleep 10"
+ chown pkiuser:pkiuser $ca_server_xml_file
+ rlRun "sleep 10"
+ cat $ca_server_xml_file | grep $replace_string3
+ if [ $? -eq 0 ] ; then
+ rlRun "systemctl start pki-tomcatd@pki-ca-bug.service"
+ rlRun "sleep 10"
+ rlRun "journalctl > $log_file"
+ rlRun "sleep 10"
+ rlAssertNotGrep "NullPointerException" "$log_file"
+ rlRun "systemctl stop pki-tomcatd@pki-ca-bug.service"
+ rlRun "sleep 10"
+ rlRun "sed 's/$replace_string3/$search_string3/g' $ca_server_xml_file > $temp_file"
+ rlRun "sleep 10"
+ cp $temp_file $ca_server_xml_file
+ rlRun "systemctl start pki-tomcatd@pki-ca-bug.service"
+ rlRun "sleep 10"
+ fi
+ rlPhaseEnd
+
+}
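Review bot: The `if [ $? -eq 0 ]` that follows `cat $ca_server_xml_file | grep $replace_string3` has no else branch, so when the `enableOCSP` substitution does not land, the service is never restarted, `rlAssertNotGrep "NullPointerException"` never runs, and the phase can still report success. Add `else rlFail "enableOCSP edit was not applied to $ca_server_xml_file"` before the `fi`. The journal check is also unscoped: `journalctl > $log_file` dumps every retained entry, so an exception logged before this run fails the test. Capture `start_ts=$(date '+%Y-%m-%d %H:%M:%S')` before the `systemctl start` and use `rlRun "journalctl --since '$start_ts' > $log_file"`. The dump also goes to the fixed path `/tmp/log_messages`; a file from `mktemp` would keep a full system journal out of a predictable shared location.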
diff --git a/tests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1084224.sh b/tests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1084224.sh
new file mode 100755
index 000000000..782404c49
--- /dev/null
+++ b/tests/dogtag/acceptance/bugzilla/tomcatjss-bugs/bug-1084224.sh
@@ -0,0 +1,233 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# runtest.sh of /CoreOS/dogtag/acceptance/bugzilla/
+# Description: tomcatjss bug verification
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Authors: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+# This copyrighted material is made available to anyone wishing
+# to use, modify, copy, or redistribute it subject to the terms
+# and conditions of the GNU General Public License version 2.
+#
+# This program is distributed in the hope that it will be
+# useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+# PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with this program; if not, write to the Free
+# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+########################################################################
+#pki-user-cli-user-ca.sh should be first executed prior to bug verification
+########################################################################
+
+########################################################################
+# Test Suite Globals
+########################################################################
+run_tomcatjss-bug-verification(){
+
+ rlPhaseStartTest "bug_1084224: Tomcatjss missing strictCiphers implementation"
+ CA_HOST=$MASTER
+ CA_PORT=$(cat /tmp/bugca_instance.inf | grep pki_https_port | cut -d "=" -f2)
+ test1="test_screen"
+ ca_server_xml_file="/var/lib/pki/pki-ca-bug/conf/server.xml"
+ temp_file="$ca_server_xml_file.temp"
+ rlLog "https://bugzilla.redhat.com/show_bug.cgi?id=1084224"
+ rlRun "ssltap -sfx $CA_HOST:$CA_PORT > /tmp/original_cipher.out &"
+ rlRun "sleep 10"
+ rlLog "Executing: wget https://$CA_HOST:1924 --no-check-certificate"
+ rlRun "wget https://$CA_HOST:1924 --no-check-certificate"
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0x0035) TLS/RSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0x0035) TLS/RSA/AES256-CBC/SHA"
+ search_string3="+TLS_RSA_WITH_AES_256_CBC_SHA"
+ replace_string3="-TLS_RSA_WITH_AES_256_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0x002f) TLS/RSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0x002f) TLS/RSA/AES128-CBC/SHA"
+ search_string3="+TLS_RSA_WITH_AES_128_CBC_SHA"
+ replace_string3="-TLS_RSA_WITH_AES_128_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0xc00a) TLS/ECDHE-ECDSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0xc00a) TLS/ECDHE-ECDSA/AES256-CBC/SHA"
+ search_string3="+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+ replace_string3="-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0xc009) TLS/ECDHE-ECDSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0xc009) TLS/ECDHE-ECDSA/AES128-CBC/SHA"
+ search_string3="+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+ replace_string3="-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0xc012) TLS/ECDHE-RSA/3DES-EDE-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0xc012) TLS/ECDHE-RSA/3DES-EDE-CBC/SHA"
+ search_string3="+TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ replace_string3="-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0xc013) TLS/ECDHE-RSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0xc013) TLS/ECDHE-RSA/AES128-CBC/SHA"
+ search_string3="+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+ replace_string3="-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0xc014) TLS/ECDHE-RSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0xc014) TLS/ECDHE-RSA/AES256-CBC/SHA"
+ search_string3="+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+ replace_string3="-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0x0032) TLS/DHE-DSS/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0x0032) TLS/DHE-DSS/AES128-CBC/SHA"
+ search_string3="+TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+ replace_string3="-TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0x0038) TLS/DHE-DSS/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0x0038) TLS/DHE-DSS/AES256-CBC/SHA"
+ search_string3="+TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+ replace_string3="-TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0x0033) TLS/DHE-RSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0x0033) TLS/DHE-RSA/AES128-CBC/SHA"
+ search_string3="+TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+ replace_string3="-TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+ fi
+ cat /tmp/original_cipher.out | grep "cipher_suite = (0x0039) TLS/DHE-RSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ original_cipher="cipher_suite = (0x0039) TLS/DHE-RSA/AES256-CBC/SHA"
+ search_string3="+TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+ replace_string3="-TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+ fi
+ rlRun "systemctl stop pki-tomcatd@pki-ca-bug.service"
+ search_string1="strictCiphers=\"false\""
+ replace_string1="strictCiphers=\"true\""
+ search_string2="sslOptions=\"ssl2=true,ssl3=true,tls=true\""
+ replace_string2="sslOptions=\"ssl2=false,ssl3=false,tls=true\""
+ #search_string4="clientAuth=\"want\""
+ #replace_string4="clientauth=\"want\""
+ rlRun "sed 's/$search_string1/$replace_string1/g' $ca_server_xml_file > $temp_file"
+ cp $temp_file $ca_server_xml_file
+ rlRun "sed 's/$search_string2/$replace_string2/g' $ca_server_xml_file > $temp_file"
+ cp $temp_file $ca_server_xml_file
+ rlRun "sed 's/$search_string3/$replace_string3/g' $ca_server_xml_file > $temp_file"
+ cp $temp_file $ca_server_xml_file
+ #rlRun "sed 's/$search_string4/$replace_string4/g' $ca_server_xml_file > $temp_file"
+ #cp $temp_file $ca_server_xml_file
+ chown pkiuser:pkiuser $ca_server_xml_file
+ cat $ca_server_xml_file | grep $replace_string1
+ if [ $? -eq 0 ] ; then
+ rlRun "modutil -dbdir /var/lib/pki/pki-ca-bug/ca/alias -fips true &"
+ rlRun "sleep 5"
+ rlRun "modutil -dbdir /var/lib/pki/pki-ca-bug/ca/alias -chkfips true > /tmp/chkfips.out"
+ rlAssertGrep "FIPS mode enabled." "/tmp/chkfips.out"
+ rlRun "systemctl start pki-tomcatd@pki-ca-bug.service"
+ rlRun "ssltap -sfx $CA_HOST:$CA_PORT > /tmp/new_cipher.out &"
+ rlRun "sleep 10"
+ rlLog "Executing: wget https://$CA_HOST:1924 --no-check-certificate"
+ rlRun "wget https://$CA_HOST:1924 --no-check-certificate"
+ cat $ca_server_xml_file | grep "+TLS_RSA_WITH_AES_256_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0x0035) TLS/RSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_RSA_WITH_AES_128_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0x002f) TLS/RSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0xc00a) TLS/ECDHE-ECDSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0xc009) TLS/ECDHE-ECDSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0xc012) TLS/ECDHE-RSA/3DES-EDE-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0xc013) TLS/ECDHE-RSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0xc014) TLS/ECDHE-RSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0x0032) TLS/DHE-DSS/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0x0038) TLS/DHE-DSS/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0x0033) TLS/DHE-RSA/AES128-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ cat $ca_server_xml_file | grep "+TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+ if [ $? -eq 0 ]; then
+ cat /tmp/new_cipher.out | grep "cipher_suite = (0x0039) TLS/DHE-RSA/AES256-CBC/SHA"
+ if [ $? -eq 0 ]; then
+ rlPass "Bug Verified"
+ fi
+ fi
+ rlAssertNotGrep "$original_cipher" "/tmp/new_cipher.out"
+ else
+ rlLog "Config file modification failed"
+ fi
+ rlPhaseEnd
+
+}
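Review bot: Nothing checks that any of the eleven `grep "cipher_suite = ..."` probes on `/tmp/original_cipher.out` matched, so `original_cipher`, `search_string3` and `replace_string3` can reach the `sed` edits and the final `rlAssertNotGrep` empty or stale. None of them is `local`, and bug-1058366.sh in this same commit sets `search_string3="enableOCSP=\"false\""`; if both files are sourced into one shell (not visible here), the third `sed` would flip OCSP instead of disabling a cipher. Reset the three variables before the probes and add `[ -n "$original_cipher" ] || rlFail "no known cipher suite in /tmp/original_cipher.out"` after the last probe. The `else` branch should call `rlFail "Config file modification failed"` rather than `rlLog`, and since each `rlPass "Bug Verified"` fires for any suite still marked `+` in server.xml, the closing `rlAssertNotGrep` is the only real check of strictCiphers. The phase also ends with FIPS mode enabled and server.xml still modified, unlike bug-1058366.sh, which restores its edit, so later tests inherit the changed TLS configuration.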