CA Admin Porting tests

Internaldb, authplugin, acl, crlissuing point, agent-crl, publishing

8 files changed, 2431 insertions, 0 deletions

diff --git a/tests/dogtag/Makefile b/tests/dogtag/Makefile
index e7fe8583a..2ae7a06a9 100755
--- a/tests/dogtag/Makefile
+++ b/tests/dogtag/Makefile
@@ -246,6 +246,12 @@ build: $(BUILT_FILES)
 	# Legacy tests
 	chmod a+x ./acceptance/legacy/ca-tests/usergroups/pki-ca-usergroups.sh
 	chmod a+x ./acceptance/legacy/ca-tests/profiles/ca-profile.sh
+	chmod a+x ./acceptance/legacy/ca_tests/acls/ca-admin-acl.sh
+	chmod a+x ./acceptance/legacy/ca_tests/internaldb/ca-admin-internaldb.sh
+	chmod a+x ./acceptance/legacy/ca_tests/authplugin/ca-admin-authplugins.sh
+	chmod a+x ./acceptance/legacy/ca-tests/crlissuingpoints/ca-admin-crlissuingpoints.sh
+	chmod a+x ./acceptance/legacy/ca-tests/crls/ca-agent-crls.sh
+	chmod a+x ./acceptance/legacy/ca-tests/publishing/ca-admin-publishing.sh
 	# bug verifications
 	chmod a+x ./acceptance/bugzilla/tomcatjss-bugs/bug-1058366.sh
 	chmod a+x ./acceptance/bugzilla/tomcatjss-bugs/bug-1084224.sh
diff --git a/tests/dogtag/acceptance/legacy/ca-tests/acls/ca-admin-acl.sh b/tests/dogtag/acceptance/legacy/ca-tests/acls/ca-admin-acl.sh
new file mode 100755
index 000000000..4b1af1ba3
--- /dev/null
+++ b/tests/dogtag/acceptance/legacy/ca-tests/acls/ca-admin-acl.sh
@@ -0,0 +1,94 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/rhcs/acceptance/legacy/ca_tests/acls/ca-admin-acl.sh
+#   Description: CA ACL tests
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Author: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/bin/rhts-environment.sh
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+run_admin-ca-acl_tests()
+{
+        local cs_Type=$1
+        local cs_Role=$2
+        
+	# Creating Temporary Directory for ca-admin-acl tests
+        rlPhaseStartSetup "pki_console_acl Temporary Directory"
+        rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlPhaseEnd
+
+        # Local Variables
+        get_topo_stack $cs_Role $TmpDir/topo_file
+        local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2)
+        local target_unsecure_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local target_secure_port=$(eval echo \$${CA_INST}_SECURE_PORT)
+        local tmp_ca_admin=$CA_INST\_adminV
+        local tmp_ca_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local tmp_ca_host=$(eval echo \$${cs_Role})
+        local valid_admin_cert=$CA_INST\_adminV
+	local admin_out="$TmpDir/admin_out_acls"
+	local valid_admin_user=$CA_INST\_adminV
+        local valid_admin_user_password=$CA_INST\_adminV_password
+
+
+	rlPhaseStartTest "pki_console_acl-001:CA - Admin Interface - list all ACLs"
+	header_001="$TmpDir/ca_acl_001.txt"
+	rlLog "List all ACLs"
+	local acls=(certServer.ca certServer.securitydomain certServer.log certServer.acl certServer.general certServer.ee certServer.ra certServer.admin certServer.ocsp certServer.auth certServer.clone certServer.policy certServer.publisher certServer.registry certServer.profile)
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header $header_001 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+		-d \"OP_TYPE=OP_SEARCH&OP_SCOPE=acls&\" \
+		-k https://$tmp_ca_host:$target_secure_port/ca/acl >> $admin_out" 0 "List all ACLs"
+	rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_001"
+	for i in ${acls[@]}; do
+		rlAssertGrep "$i" "$admin_out"	
+	done
+	rlPhaseEnd
+
+	rlPhaseStartSetup "pki_console_acl-cleanup"
+	#Delete temporary directory
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+        rlPhaseEnd
+}
+
+process_curl_output()
+{
+	output_file=$1
+	sed -i "s/\&/\n&/g" $output_file
+        sed -i "s/+//g"  $output_file
+        sed -i "s/^&//g" $output_file
+        sed -i "s/%3A/":"/g" $output_file
+        sed -i "s/%3B/":"/g" $output_file
+}
diff --git a/tests/dogtag/acceptance/legacy/ca-tests/authplugin/ca-admin-authplugins.sh b/tests/dogtag/acceptance/legacy/ca-tests/authplugin/ca-admin-authplugins.sh
new file mode 100755
index 000000000..08ca84d2b
--- /dev/null
+++ b/tests/dogtag/acceptance/legacy/ca-tests/authplugin/ca-admin-authplugins.sh
@@ -0,0 +1,313 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/rhcs/acceptance/legacy/ca_tests/ca-admin-authplugins.sh
+#   Description: CA Admin Auth Plugin tests
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Author: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/bin/rhts-environment.sh
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+run_admin-ca-authplugin_tests()
+{
+        local cs_Type=$1
+        local cs_Role=$2
+        
+	# Creating Temporary Directory for ca-admin-acl tests
+        rlPhaseStartSetup "pki_console_authplugin Temporary Directory"
+        rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlPhaseEnd
+
+        # Local Variables
+        get_topo_stack $cs_Role $TmpDir/topo_file
+        local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2)
+        local target_unsecure_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local target_secure_port=$(eval echo \$${CA_INST}_SECURE_PORT)
+        local tmp_ca_admin=$CA_INST\_adminV
+        local tmp_ca_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local tmp_ca_host=$(eval echo \$${cs_Role})
+        local valid_admin_cert=$CA_INST\_adminV
+	local valid_admin_user=$CA_INST\_adminV
+        local valid_admin_user_password=$CA_INST\_adminV_password
+
+	rlPhaseStartTest "pki_console_authplugin-001:CA - Admin Interface - list all auth plugin"
+	header_001="$TmpDir/ca_auth_001.txt"
+	rlLog "List all auth plugins"
+	local authlist=(raCertAuth AgentCertAuth SSLclientCertAuth flatFileAuth TokenAuth challengeAuthMgr certUserDBAuthMgr CMCAuth sslClientCertAuthMgr passwdUserDBAuthMgr)
+	admin_out="$TmpDir/admin_out_listauthplugin"
+	rlRun "curl --capath "$CERTDB_DIR" \
+		--dump-header $header_001 \
+		--basic --user "$valid_admin_user:$valid_admin_user_password" \
+		-d \"OP_TYPE=OP_SEARCH&OP_SCOPE=instance&\" \
+		-k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "List all auth plugins"
+	rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_001"
+	for i in ${authlist[@]}; do
+		rlAssertGrep "$i" "$admin_out"	
+	done
+	rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-002:CA - Admin Interface - view auth plugin"
+        local plugin_id="AgentCertAuth"
+	header_002="$TmpDir/ca_auth_002.txt"
+	admin_out="$TmpDir/admin_out_viewauthplugin"
+        rlLog "View auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_002 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=instance&RS_ID=$plugin_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "View auth plugin $plugin_id"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_002"
+	rlAssertGrep "implName=AgentCertAuth" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-003:CA - Admin Interface - Add agentcertauth auth plugin"
+        local plugin_id="plug$RANDOM"
+	header_003="$TmpDir/ca_auth_003.txt"
+	admin_out="$TmpDir/admin_out_addagentcertplug"
+        rlLog "Add auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_003 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=instance&RS_ID=$plugin_id&implName=AgentCertAuth&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Add auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_003"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_003 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=instance&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "List all auth plugins"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_003"
+	rlAssertGrep "$plugin_id" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-004:CA - Admin Interface - Add cmccertauth plugin"
+        local plugin_id="plug$RANDOM"
+	header_004="$TmpDir/ca_auth_004.txt"
+	admin_out="$TmpDir/admin_out_addcmccertauth"
+        rlLog "Add auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_004 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=instance&RS_ID=$plugin_id&implName=CMCAuth&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Add cmccert auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_004"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_004 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=instance&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "List all auth plugins"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_004"
+        rlAssertGrep "$plugin_id" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-005:CA - Admin Interface - Add uidpwddirauth plugin"
+	header_005="$TmpDir/ca_auth_005.txt"
+        local plugin_id="plug$RANDOM"
+	local OP_TYPE="OP_ADD"
+	local LDAP_HOST=`hostname`
+	local LDAP_DN_PATTERN="UID=test,OU=people,O=netscapecertificateserver"
+	local LDAP_STR_ATTR="mail"
+	local LDAP_MAX_CONNS="10"
+	local LDAP_MIN_CONNS="2"
+	local LDAP_SEC_CONN="false"
+	local LDAP_BYTE_ATTR="mail"
+	admin_out="$TmpDir/admin_out_adduidpwddirauth"
+        rlLog "Add uidpwddirauth auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_005 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=$OP_TYPE&OP_SCOPE=instance&RS_ID=$plugin_id&implName=UidPwdDirAuth&RULENAME=$plugin_id&ldap.ldapconn.host=$LDAP_HOST&dnpattern=$LDAP_DN_PATTERN&ldapStringAttributes=$LDAP_STR_ATTR&ldap.ldapconn.version=3&ldap.ldapconn.port=$ROOTCA_LDAP_PORT&ldap.maxConns=$LDAP_MAX_CONNS&ldap.basedn=$ROOTCA_DB_SUFFIX&ldap.minConns=$LDAP_MIN_CONNS&ldap.ldapconn.secureConn=$LDAP_SEC_CONN&ldapByteAttributes=$LDAP_BYTE_ATTR&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Add uidpwddirauth auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_005 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=instance&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "List all auth plugins"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+        rlAssertGrep "$plugin_id" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-006:CA - Admin Interface - edit uidpwddirauth plugin"
+	local OP_TYPE="OP_MODIFY"
+	header_006="$TmpDir/ca_auth_006.txt"
+	local LDAP_BYTE_ATTR="uid"
+	admin_out="$TmpDir/admin_out_edituidpwddirauth"
+        rlLog "Add auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=$OP_TYPE&OP_SCOPE=instance&RS_ID=$plugin_id&implName=UidPwdDirAuth&RULENAME=$plugin_id&ldap.ldapconn.host=$LDAP_HOST&dnpattern=$LDAP_DN_PATTERN&ldapStringAttributes=$LDAP_STR_ATTR&ldap.ldapconn.version=3&ldap.ldapconn.port=$ROOTCA_LDAP_PORT&ldap.maxConns=$LDAP_MAX_CONNS&ldap.basedn=$ROOTCA_DB_SUFFIX&ldap.minConns=$LDAP_MIN_CONNS&ldap.ldapconn.secureConn=$LDAP_SEC_CONN&ldapByteAttributes=$LDAP_BYTE_ATTR&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Edit uidpwddirauth auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=instance&RS_ID=$plugin_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Verify uidpwddirauth auth plugin $plugin_id modification"
+	rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlAssertGrep "ldapByteAttributes=$LDAP_BYTE_ATTR" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-007:CA - Admin Interface - Add uidpwdpindirauth plugin"
+	header_007="$TmpDir/ca_auth_007.txt"
+        local plugin_id="plug$RANDOM"
+        local OP_TYPE="OP_ADD"
+	local LDAP_BYTE_ATTR="mail"
+	local LDAP_PIN_ATTR="pin"
+	admin_out="$TmpDir/admin_out_adduidpwdpinddirauth"
+        rlLog "Add uidpwdpindirauth auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_007 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=$OP_TYPE&OP_SCOPE=instance&RS_ID=$plugin_id&implName=UidPwdPinDirAuth&RULENAME=$plugin_id&ldap.ldapconn.host=$LDAP_HOST&dnpattern=$LDAP_DN_PATTERN&ldapStringAttributes=$LDAP_STR_ATTR&ldap.ldapconn.version=3&ldap.ldapconn.port=$ROOTCA_LDAP_PORT&ldap.maxConns=$LDAP_MAX_CONNS&ldap.basedn=$ROOTCA_DB_SUFFIX&ldap.minConns=$LDAP_MIN_CONNS&ldap.ldapconn.secureConn=$LDAP_SEC_CONN&ldapByteAttributes=$LDAP_BYTE_ATTR&pinAttr=$LDAP_PIN_ATTR&ldap.ldapauth.clientCertNickname=&ldap.ldapauth.bindDN=$LDAP_ROOTDN&removePin=false&ldap.ldapauth.authtype=BasicAuth&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Add uidpwdpindirauth auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_007"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_007 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=instance&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "List all auth plugins"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_007"
+        rlAssertGrep "$plugin_id" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-008:CA - Admin Interface - edit uidpwdpindirauth plugin"
+	header_008="$TmpDir/ca_auth_008.txt"
+        local OP_TYPE="OP_MODIFY"
+	local LDAP_BYTE_ATTR="uid"
+	admin_out="$TmpDir/admin_out_edituidpwdpindirauth"
+        rlLog "Add auth plugin $plugin_id"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_008 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=$OP_TYPE&OP_SCOPE=instance&RS_ID=$plugin_id&implName=UidPwdPinDirAuth&RULENAME=$plugin_id&ldap.ldapconn.host=$LDAP_HOST&dnpattern=$LDAP_DN_PATTERN&ldapStringAttributes=$LDAP_STR_ATTR&ldap.ldapconn.version=3&ldap.ldapconn.port=$ROOTCA_LDAP_PORT&ldap.maxConns=$LDAP_MAX_CONNS&ldap.basedn=$ROOTCA_DB_SUFFIX&ldap.minConns=$LDAP_MIN_CONNS&ldap.ldapconn.secureConn=$LDAP_SEC_CONN&ldapByteAttributes=$LDAP_BYTE_ATTR&pinAttr=$LDAP_PIN_ATTR&ldap.ldapauth.clientCertNickname=&ldap.ldapauth.bindDN=$LDAP_ROOTDN&removePin=false&ldap.ldapauth.authtype=BasicAuth&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Edit uidpwdpindirauth auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_008"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_008 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=instance&RS_ID=$plugin_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Verify UidPwdPinDirAuth auth plugin $plugin_id modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_008"
+        rlAssertGrep "ldapByteAttributes=$LDAP_BYTE_ATTR" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-009:CA - Admin Interface - Add udnpwddirauth plugin"
+        local plugin_id="plug$RANDOM"
+	header_009="$TmpDir/ca_auth_009.txt"
+        local OP_TYPE="OP_ADD"
+        local LDAP_BYTE_ATTR="mail"
+	admin_out="$TmpDir/admin_out_addudnpwddirauth"
+        rlLog "Add udnpwddirauth auth plugin $plugin_id"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_009 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=$OP_TYPE&OP_SCOPE=instance&RS_ID=$plugin_id&implName=UdnPwdDirAuth&RULENAME=$plugin_id&ldap.ldapconn.host=$LDAP_HOST&dnpattern=$LDAP_DN_PATTERN&ldapStringAttributes=$LDAP_STR_ATTR&ldap.ldapconn.version=3&ldap.ldapconn.port=$ROOTCA_LDAP_PORT&ldap.maxConns=$LDAP_MAX_CONNS&ldap.basedn=$ROOTCA_DB_SUFFIX&ldap.minConns=$LDAP_MIN_CONNS&ldap.ldapconn.secureConn=$LDAP_SEC_CONN&ldapByteAttributes=$LDAP_BYTE_ATTR&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Add udnpwddirauth auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_009"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_009 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=instance&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "List all auth plugins"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_009"
+        rlAssertGrep "$plugin_id" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-010:CA - Admin Interface - Edit udnpwddirauth plugin"
+	header_010="$TmpDir/ca_auth_010.txt"
+        local OP_TYPE="OP_MODIFY"
+        local LDAP_BYTE_ATTR="uid"
+	admin_out="$TmpDir/admin_out_editudnpwddirauth"
+        rlLog "Edit udnpwddirauth auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" \
+		--dump-header  $header_010 \
+		--basic --user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=$OP_TYPE&OP_SCOPE=instance&RS_ID=$plugin_id&implName=UdnPwdDirAuth&RULENAME=$plugin_id&ldap.ldapconn.host=$LDAP_HOST&dnpattern=$LDAP_DN_PATTERN&ldapStringAttributes=$LDAP_STR_ATTR&ldap.ldapconn.version=3&ldap.ldapconn.port=$ROOTCA_LDAP_PORT&ldap.maxConns=$LDAP_MAX_CONNS&ldap.basedn=$ROOTCA_DB_SUFFIX&ldap.minConns=$LDAP_MIN_CONNS&ldap.ldapconn.secureConn=$LDAP_SEC_CONN&ldapByteAttributes=$LDAP_BYTE_ATTR&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Edit udnpwddirauth auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_010"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_010 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=instance&RS_ID=$plugin_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Verify UdnPwdDirAuth auth plugin $plugin_id modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_010"
+        rlAssertGrep "ldapByteAttributes=$LDAP_BYTE_ATTR" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_authplugin-011:CA - Admin Interface - Delete auth plugin"
+        local OP_TYPE="OP_DELETE"
+	header_011="$TmpDir/ca_auth_011.txt"
+	admin_out="$TmpDir/admin_out_deleteauthplugin"
+        rlLog "Delete auth plugin $plugin_id"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_011 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=$OP_TYPE&OP_SCOPE=instance&RS_ID=$plugin_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "Delete auth plugin $plugin_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_011"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_011 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=instance&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/auths >> $admin_out" 0 "List all auth plugins"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_011"
+        rlAssertNotGrep "$plugin_id" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartSetup "pki_console_acl-cleanup"
+	#Delete temporary directory
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+        rlPhaseEnd
+}
+
+process_curl_output()
+{
+	output_file=$1
+	sed -i "s/\&/\n&/g" $output_file
+        sed -i "s/+//g"  $output_file
+        sed -i "s/^&//g" $output_file
+        sed -i "s/%3A/":"/g" $output_file
+        sed -i "s/%3B/":"/g" $output_file
+}
diff --git a/tests/dogtag/acceptance/legacy/ca-tests/crlissuingpoint/ca-admin-crlissuingpoints.sh b/tests/dogtag/acceptance/legacy/ca-tests/crlissuingpoint/ca-admin-crlissuingpoints.sh
new file mode 100755
index 000000000..aae21587f
--- /dev/null
+++ b/tests/dogtag/acceptance/legacy/ca-tests/crlissuingpoint/ca-admin-crlissuingpoints.sh
@@ -0,0 +1,521 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/rhcs/acceptance/legacy/ca_tests/crlissuingpoints/ca-admin-crlissuingpoints.sh
+#   Description: CA Admin CRL Issuing Point tests
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Author: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/bin/rhts-environment.sh
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+run_admin-ca-crlissuingpoints_tests()
+{
+        local cs_Type=$1
+        local cs_Role=$2
+        
+	# Creating Temporary Directory for ca-admin-internaldb tests
+        rlPhaseStartSetup "pki_console_internaldb Temporary Directory"
+        rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlPhaseEnd
+
+        # Local Variables
+        get_topo_stack $cs_Role $TmpDir/topo_file
+        local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2)
+        local target_unsecure_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local target_secure_port=$(eval echo \$${CA_INST}_SECURE_PORT)
+        local tmp_ca_admin=$CA_INST\_adminV
+        local tmp_ca_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local tmp_ca_host=$(eval echo \$${cs_Role})
+        local valid_admin_cert=$CA_INST\_adminV
+	local crl_ip_id="crl02"
+	local crl_ip_desc="testdescription"
+	local crl_ip_enable="true"
+	local valid_admin_user=$CA_INST\_adminV
+        local valid_admin_user_password=$CA_INST\_adminV_password
+
+	rlPhaseStartTest "pki_console_add_crl_issuing_point-001:CA - Admin Interface - add crl issuing point"
+	local admin_out="$TmpDir/admin_out_addcrlip"
+	header_001="$TmpDir/ca_cip_001.txt"
+	rlLog "Add crl issuing point"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_001 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+		-d \"OP_TYPE=OP_ADD&OP_SCOPE=crlIPs&RS_ID=$crl_ip_id&id=$crl_ip_id&description=$crl_ip_desc&enable=$crl_ip_enable&\" \
+		-k https://$tmp_ca_host:$target_secure_port/ca/caadmin > $admin_out" 0 "Add crl issuing point"
+	rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_001"
+	rlAssertGrep "id=$crl_ip_id" "$admin_out"
+	rlAssertGrep "description=$crl_ip_desc" "$admin_out"
+	rlAssertGrep "enable=$crl_ip_enable" "$admin_out"
+	rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_crl_issuing_point-002:CA - Admin Interface - edit crl issuing point"
+	local admin_out="$TmpDir/admin_out_edit_crlip"
+	header_002="$TmpDir/ca_cip_002.txt"
+	crl_ip_desc="testdescriptionmodified"
+        rlLog "Edit crl issuing point"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_002 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlIPs&RS_ID=$crl_ip_id&id=$crl_ip_id&description=$crl_ip_desc&enable=$crl_ip_enable&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit crl issuing point"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_002"
+        rlAssertGrep "id=$crl_ip_id" "$admin_out"
+        rlAssertGrep "description=$crl_ip_desc" "$admin_out"
+        rlAssertGrep "enable=$crl_ip_enable" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_list_all_crl_issuing_point-003:CA - Admin Interface - List all crl issuing point"
+	local admin_out="$TmpDir/admin_out_list_crlip"
+	header_003="$TmpDir/ca_cip_003.txt"
+        rlLog "List all crl issuing point"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_003 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=crlIPs&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "List crl issuing points"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_003"
+	rlAssertGrep "$crl_ip_id=$crl_ip_desc" "$admin_out"
+	rlAssertGrep "$crl_ip_id.enable=$crl_ip_enable" "$admin_out"
+        rlAssertGrep "MasterCRL" "$admin_out"
+	rlAssertGrep "MasterCRL.enable=true" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_read_crl_update_info-004:CA - Admin Interface - Read CRL update info"
+	local admin_out="$TmpDir/admin_out_read_crl_update_info"
+	header_004="$TmpDir/ca_cip_004.txt"
+        rlLog "Read CRL update info"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_004 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crl&RS_ID=$crl_ip_id&enableCRLUpdates=&updateSchema=&extendedNextUpdate=&alwaysUpdate=&enableDailyUpdates=&dailyUpdates=&enableUpdateInterval=&autoUpdateInterval=&nextUpdateGracePeriod=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Read CRL Update info"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_004"
+	rlAssertGrep "enableCRLUpdates=true" "$admin_out"
+	rlAssertGrep "updateSchema=1" "$admin_out"
+	rlAssertGrep "extendedNextUpdate=true" "$admin_out"
+	rlAssertGrep "alwaysUpdate=false" "$admin_out"
+	rlAssertGrep "enableDailyUpdates=false" "$admin_out"
+	rlAssertGrep "dailyUpdates=3:45" "$admin_out"
+	rlAssertGrep "enableUpdateInterval=true" "$admin_out"
+	rlAssertGrep "autoUpdateInterval=240" "$admin_out"
+	rlAssertGrep "nextUpdateGracePeriod=0" "$admin_out"
+	rlAssertGrep "defaultSigningAlgorithm=SHA512withRSA" "$admin_out"
+	rlAssertGrep "allSigningAlgorithms=SHA1withRSA:SHA256withRSA:SHA512withRSA:MD5withRSA:MD2withRSA" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_read_crl_cache_info-005:CA - Admin Interface - Read CRL cache info"
+	header_005="$TmpDir/ca_cip_005.txt"
+	local admin_out="$TmpDir/admin_out_read_crl_cache_info"
+        rlLog "Read CRL cache info"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_005 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crl&RS_ID=$crl_ip_id&enableCRLCache=&cacheUpdateInterval=&enableCacheRecovery=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Read CRL Cache info"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+	rlAssertGrep "enableCRLCache=true" "$admin_out"
+	rlAssertGrep "cacheUpdateInterval=15" "$admin_out"
+	rlAssertGrep "enableCacheRecovery=true" "$admin_out"
+	rlAssertGrep "defaultSigningAlgorithm=SHA512withRSA" "$admin_out"
+	rlAssertGrep "allSigningAlgorithms=SHA1withRSA:SHA256withRSA:SHA512withRSA:MD5withRSA:MD2withRSA" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_read_crl_format_info-006:CA - Admin Interface - Read CRL format info"
+	header_006="$TmpDir/ca_cip_006.txt"
+	local admin_out="$TmpDir/admin_out_read_crl_format_info"
+        rlLog "Read CRL format info"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crl&RS_ID=$crl_ip_id&allowExtensions=&signingAlgorithm=&includeExpiredCerts=&caCertsOnly=&profileCertsOnly=&profileList=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Read CRL format info"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlAssertGrep "allowExtensions=true" "$admin_out"
+	rlAssertGrep "signingAlgorithm=SHA256withRSA" "$admin_out"
+	rlAssertGrep "includeExpiredCerts=false" "$admin_out"
+	rlAssertGrep "caCertsOnly=false" "$admin_out"
+	rlAssertGrep "profileCertsOnly=" "$admin_out"
+	rlAssertGrep "profileList=" "$admin_out"
+	rlAssertGrep "defaultSigningAlgorithm=SHA512withRSA" "$admin_out"
+	rlAssertGrep "allSigningAlgorithms=SHA1withRSA:SHA256withRSA:SHA512withRSA:MD5withRSA:MD2withRSA" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_crl_update_info-007:CA - Admin Interface - Edit CRL update info"
+	header_007="$TmpDir/ca_cip_007.txt"
+	local admin_out="$TmpDir/admin_out_edit_crl_update_info"
+	enable_crl_update="true"
+	update_schema="1"
+	extended_next_update="true"
+	always_update="false"
+	enable_daily_updates="false"
+	daily_update_time="3:45"
+	enable_update_interval="true"
+	auto_update_interval="240"
+	next_update_grace_period="1"
+        rlLog "Edit CRL update info"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_007 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crl&RS_ID=$crl_ip_id&enableCRLUpdates=$enable_crl_update&updateSchema=$update_schema&extendedNextUpdate=$extended_next_update&alwaysUpdate=$always_update&enableDailyUpdates=$enable_daily_updates&dailyUpdates=$daily_update_time&enableUpdateInterval=$enable_update_interval&autoUpdateInterval=$auto_update_interval&nextUpdateGracePeriod=$next_update_grace_period&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit CRL Update info"
+	rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_007"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_007 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crl&RS_ID=$crl_ip_id&enableCRLUpdates=&updateSchema=&extendedNextUpdate=&alwaysUpdate=&enableDailyUpdates=&dailyUpdates=&enableUpdateInterval=&autoUpdateInterval=&nextUpdateGracePeriod=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Read CRL Update info"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_007"
+	rlAssertGrep "enableCRLUpdates=$enable_crl_update" "$admin_out"
+        rlAssertGrep "updateSchema=$update_schema" "$admin_out"
+        rlAssertGrep "extendedNextUpdate=$extended_next_update" "$admin_out"
+        rlAssertGrep "alwaysUpdate=$always_update" "$admin_out"
+        rlAssertGrep "enableDailyUpdates=$enable_daily_updates" "$admin_out"
+        rlAssertGrep "dailyUpdates=$daily_update_time" "$admin_out"
+        rlAssertGrep "enableUpdateInterval=$enable_update_interval" "$admin_out"
+        rlAssertGrep "autoUpdateInterval=$auto_update_interval" "$admin_out"
+        rlAssertGrep "nextUpdateGracePeriod=$next_update_grace_period" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_crl_cache_info-008:CA - Admin Interface - Edit CRL cache info"
+	header_008="$TmpDir/ca_cip_008.txt"
+        local admin_out="$TmpDir/admin_out_edit_crl_cache_info"
+	enable_crl_cache="true"
+	cache_update_interval="15"
+	enable_cache_recovery="true"
+        rlLog "Edit CRL cache info"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_008 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crl&RS_ID=$crl_ip_id&enableCRLCache=$enable_crl_cache&cacheUpdateInterval=$cache_update_interval&enableCacheRecovery=$enable_cache_recovery&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit CRL Cache info"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_008"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_008 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crl&RS_ID=$crl_ip_id&enableCRLCache=&cacheUpdateInterval=&enableCacheRecovery=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Read CRL Cache info"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_008"
+        rlAssertGrep "enableCRLCache=$enable_crl_cache" "$admin_out"
+        rlAssertGrep "cacheUpdateInterval=$cache_update_interval" "$admin_out"
+        rlAssertGrep "enableCacheRecovery=$enable_cache_recovery" "$admin_out"
+        rlAssertGrep "defaultSigningAlgorithm=SHA512withRSA" "$admin_out"
+        rlAssertGrep "allSigningAlgorithms=SHA1withRSA:SHA256withRSA:SHA512withRSA:MD5withRSA:MD2withRSA" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_crl_format_info-009:CA - Admin Interface - Edit CRL format info"
+	header_009="$TmpDir/ca_cip_009.txt"
+        local admin_out="$TmpDir/admin_out_edit_crl_format_info"
+	allow_extensions="true"
+	include_expired_certs="false"
+	ca_certs_only="false"
+	profile_certs_only="true"
+	profile_list="caUserCert"
+	signing_algorithm="SHA256withRSA"
+        rlLog "Edit CRL format info"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_009 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crl&RS_ID=$crl_ip_id&allowExtensions=$allow_extensions&signingAlgorithm=$signing_algorithm&includeExpiredCerts=$include_expired_certs&caCertsOnly=$ca_certs_only&profileCertsOnly=$profile_certs_only&profileList=$profile_list&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit CRL Format info"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_009"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_009 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crl&RS_ID=$crl_ip_id&allowExtensions=&signingAlgorithm=&includeExpiredCerts=&caCertsOnly=&profileCertsOnly=&profileList=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Read CRL format info"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_009"
+        rlAssertGrep "allowExtensions=$allow_extensions" "$admin_out"
+        rlAssertGrep "signingAlgorithm=$signing_algorithm" "$admin_out"
+        rlAssertGrep "includeExpiredCerts=$include_expired_certs" "$admin_out"
+        rlAssertGrep "caCertsOnly=$ca_certs_only" "$admin_out"
+        rlAssertGrep "profileCertsOnly=$profile_certs_only" "$admin_out"
+        rlAssertGrep "profileList=$profile_list" "$admin_out"
+        rlAssertGrep "defaultSigningAlgorithm=SHA512withRSA" "$admin_out"
+        rlAssertGrep "allSigningAlgorithms=SHA1withRSA:SHA256withRSA:SHA512withRSA:MD5withRSA:MD2withRSA" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_list_all_crl_extensions-010:CA - Admin Interface - List all crl extensions"
+	header_010="$TmpDir/ca_cip_010.txt"
+        local admin_out="$TmpDir/admin_out_list_crl_extension"
+        rlLog "List all crl extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_010 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=crlExtsRules&RS_ID=$crl_ip_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "List all crl extensions"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_010"
+	rlAssertGrep "AuthorityInformationAccess=AuthorityInformationAccess:visible:disabled" "$admin_out"
+	rlAssertGrep "AuthorityKeyIdentifier=AuthorityKeyIdentifier:visible:enabled" "$admin_out"
+	rlAssertGrep "CRLNumber=CRLNumber:visible:enabled" "$admin_out"
+	rlAssertGrep "CRLReason=CRLReason:visible:enabled" "$admin_out"
+	rlAssertGrep "DeltaCRLIndicator=DeltaCRLIndicator:visible:disabled" "$admin_out"
+	rlAssertGrep "FreshestCRL=FreshestCRL:visible:disabled" "$admin_out"
+	rlAssertGrep "InvalidityDate=InvalidityDate:visible:enabled" "$admin_out"
+	rlAssertGrep "IssuerAlternativeName=IssuerAlternativeName:visible:disabled" "$admin_out"
+	rlAssertGrep "IssuingDistributionPoint=IssuingDistributionPoint:visible:disabled" "$admin_out"
+        rlPhaseEnd
+
+
+        rlPhaseStartTest "pki_console_edit_crl_reason_extension-011:CA - Admin Interface - Edit crl reason extension"
+	header_011="$TmpDir/ca_cip_011.txt"
+        local admin_out="$TmpDir/admin_out_edit_crl_reason_extension"
+        crl_reason_enable="true"
+        crl_reason_status="enabled"
+        crl_reason_critical="false"
+        rlLog "Edit crl reason extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_011 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=CRLReason&id=$crl_ip_id&implName=CMSCRLReasonExtension&enable=$crl_reason_enable&critical=$crl_reason_critical&RULENAME=CRLReason&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit crl reason extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_011"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_011 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=crlExtsRules&RS_ID=$crl_ip_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "List all crl extensions"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_011"
+        rlAssertGrep "CRLReason=CRLReason:visible:$crl_reason_status" "$admin_out"
+	rlLog "https://fedorahosted.org/pki/ticket/1189"
+        rlPhaseEnd
+
+        rlPhaseStartTest "pki_console_edit_delta_crl_extension-012:CA - Admin Interface - Edit delta crl extension"
+	header_012="$TmpDir/ca_cip_012.txt"
+        local admin_out="$TmpDir/admin_out_edit_delta_crl_extension"
+        delta_crl_enable="true"
+        delta_crl_critical="false"
+        rlLog "Edit delta crl extension"
+        rlRun "curl --capath "$CERTDB_DIR" \
+		--dump-header  $header_012 \
+		--basic --user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=DeltaCRLIndicator&id=$crl_ip_id&implName=CMSDeltaCRLIndicatorExtension&enable=$delta_crl_enable&critical=$delta_crl_critical&RULENAME=DeltaCRLIndicator&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit delta crl extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_012"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_012 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crlExtsRules&RS_ID=DeltaCRLIndicator&$crl_ip_id=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Verify Modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_012"
+        rlAssertGrep "enable=$delta_crl_enable" "$admin_out"
+        rlPhaseEnd
+
+        rlPhaseStartTest "pki_console_edit_issuer_alternative_name_extension-013:CA - Admin Interface - Edit issuer alternative name extension"
+	header_013="$TmpDir/ca_cip_013.txt"
+        local admin_out="$TmpDir/admin_out_edit_issuer_alternative_name_extension"
+        ian_enable="true"
+        ian_critical="false"
+        ian_name="http://www.redhat.com"
+        ian_name_type="URI"
+        rlLog "Edit Issuer Alternative Name extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_013 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=IssuerAlternativeName&implName=CMSIssuerAlternativeNameExtension&id=$crl_ip_id&enable=$ian_enable&critical=$ian_critical&RULENAME=IssuerAlternativeName&numNames=1&name0=$ian_name&nameType0=$ian_name_type&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit Issuer Alternative name extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_013"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_013 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crlExtsRules&RS_ID=IssuerAlternativeName&$crl_ip_id=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Verify Modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_013"
+        rlAssertGrep "enable=$ian_enable" "$admin_out"
+        rlPhaseEnd
+
+        rlPhaseStartTest "pki_console_edit_invalidity_date_extension-014:CA - Admin Interface - Edit invalidity date extension"
+	header_014="$TmpDir/ca_cip_014.txt"
+        local admin_out="$TmpDir/admin_out_edit_invalidity_date_extension"
+        inv_date_enable="true"
+        inv_date_critical="false"
+        rlLog "Edit invalidity date extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_014 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=InvalidityDate&implName=CMSInvalidityDateExtension&id=$crl_ip_id&enable=$inv_date_enable&critical=$inv_date_critical&RULENAME=InvalidityDate&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit Invalidity Date extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_014"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_014 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crlExtsRules&RS_ID=InvalidityDate&$crl_ip_id=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Verify Modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_014"
+        rlAssertGrep "enable=$inv_date_enable" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_authority_key_identifier_extension-015:CA - Admin Interface - Edit authority key identifier extension"
+	header_015="$TmpDir/ca_cip_015.txt"
+        local admin_out="$TmpDir/admin_out_edit_authority_key_identifier_extension"
+        aki_enable="true"
+        aki_critical="false"
+        rlLog "Edit authority key identifier extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_015 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=AuthorityKeyIdentifier&implName=CMSAuthorityKeyIdentifierExtension&id=$crl_ip_id&enable=$aki_enable&critical=$aki_critical&RULENAME=AuthorityKeyIdentifier&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit Authority Key Identifier extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_015"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_015 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crlExtsRules&RS_ID=AuthorityKeyIdentifier&$crl_ip_id=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Verify Modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_015"
+        rlAssertGrep "enable=$aki_enable" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_freshest_crl_extension-016:CA - Admin Interface - Edit freshest crl extension"
+	header_016="$TmpDir/ca_cip_016.txt"
+        local admin_out="$TmpDir/admin_out_edit_freshest_crl_extension"
+        fcrl_enable="true"
+        fcrl_critical="false"
+	fcrl_name="http://www.redhat.com"
+	fcrl_name_type="URI"
+        rlLog "Edit freshest crl extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_016 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=FreshestCRL&implName=CMSFreshestCRLExtension&id=$crl_ip_id&enable=$fcrl_enable&critical=$fcrl_critical&RULENAME=FreshestCRL&numPoints=1&point0=$fcrl_name&pointType0=$fcrl_name_type&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit Freshest CRL extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_016"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_016 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crlExtsRules&RS_ID=FreshestCRL&$crl_ip_id=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Verify Modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_016"
+        rlAssertGrep "enable=$fcrl_enable" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_crl_number_extension-017:CA - Admin Interface - Edit CRL number extension"
+	header_017="$TmpDir/ca_cip_017.txt"
+        local admin_out="$TmpDir/admin_out_edit_crl_number_extension"
+        cnum_enable="true"
+        cnum_critical="false"
+        rlLog "Edit CRL number extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_017 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=CRLNumber&implName=CMSCRLNumberExtension&id=$crl_ip_id&enable=$cnum_enable&critical=$cnum_critical&RULENAME=CRLNumber&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit CRL Number extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_017"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_017 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crlExtsRules&RS_ID=CRLNumber&$crl_ip_id=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Verify Modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_017"
+        rlAssertGrep "enable=$cnum_enable" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_issuing_distribution_point_extension-018:CA - Admin Interface - Edit Issuing Distribution Point extension"
+	header_018="$TmpDir/ca_cip_018.txt"
+        local admin_out="$TmpDir/admin_out_issuing_dp_extension"
+        idp_enable="true"
+        idp_critical="false"
+	idp_point_name="http://www.redhat.com"
+	idp_point_type="URI"
+	idp_only_ca_certs="true"
+	idp_indirect_crl="true"
+	idp_reasons="keyCompromise\,certificateHold"
+	idp_only_user_certs="true"
+        rlLog "Edit Issuing Distribution Point extension"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_018 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=crlExtsRules&RS_ID=IssuingDistributionPoint&implName=CMSIssuingDistributionPointExtension&id=$crl_ip_id&enable=$idp_enable&critical=$idp_critical&RULENAME=IssuingDistributionPoint&pointType=$idp_point_type&onlyContainsCACerts=$idp_only_ca_certs&pointName=$idp_point_name&onlySomeReasons=$idp_reasons&indirectCRL=$idp_indirect_crl&onlyContainsUserCerts=$idp_only_user_certs&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Edit CRL Number extension"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_018"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_018 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=crlExtsRules&RS_ID=IssuingDistributionPoint&$crl_ip_id=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Verify Modification"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_018"
+        rlAssertGrep "enable=$idp_enable" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_delete_crl_issuing_point-019:CA - Admin Interface - delete crl issuing point"
+	header_019="$TmpDir/ca_cip_019.txt"
+        local admin_out="$TmpDir/admin_out_deletecrl"
+        rlLog "Delete crl issuing point"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_019 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=crlIPs&RS_ID=$crl_ip_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "Delete crl issuing point"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_019"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_019 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=crlIPs&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $admin_out" 0 "List crl issuing points"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_019"
+        rlAssertNotGrep "$crl_ip_id" "$admin_out"
+        rlPhaseEnd
+	
+	rlPhaseStartSetup "pki_console_crlip_cleanup"
+	#Delete temporary directory
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+        rlPhaseEnd
+}
+
+process_curl_output()
+{
+	output_file=$1
+	sed -i "s/\&/\n&/g" $output_file
+        sed -i "s/+//g"  $output_file
+        sed -i "s/^&//g" $output_file
+        sed -i "s/%3A/":"/g" $output_file
+        sed -i "s/%3B/":"/g" $output_file
+}
diff --git a/tests/dogtag/acceptance/legacy/ca-tests/crls/ca-agent-crls.sh b/tests/dogtag/acceptance/legacy/ca-tests/crls/ca-agent-crls.sh
new file mode 100755
index 000000000..c0b2bbf99
--- /dev/null
+++ b/tests/dogtag/acceptance/legacy/ca-tests/crls/ca-agent-crls.sh
@@ -0,0 +1,312 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/rhcs/acceptance/legacy/ca_tests/crls/ca-agent-crls.sh
+#   Description: CA Agent CRL tests
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Author: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/bin/rhts-environment.sh
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+. /opt/rhqa_pki/pki-auth-plugin-lib.sh
+
+run_agent-ca-crls_tests()
+{
+        local cs_Type=$1
+        local cs_Role=$2
+        
+	# Creating Temporary Directory for ca-agent-crls tests
+        rlPhaseStartSetup "pki_console_internaldb Temporary Directory"
+        rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlPhaseEnd
+
+        # Local Variables
+	get_topo_stack $cs_Role $TmpDir/topo_file
+	local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2)
+        local target_unsecure_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local target_secure_port=$(eval echo \$${CA_INST}_SECURE_PORT)
+        local tmp_ca_agent=$CA_INST\_agentV
+        local tmp_ca_admin=$CA_INST\_adminV
+        local tmp_ca_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local tmp_ca_host=$(eval echo \$${cs_Role})
+        local valid_agent_cert=$CA_INST\_agentV
+        local valid_audit_cert=$CA_INST\_auditV
+        local valid_operator_cert=$CA_INST\_operatorV
+        local valid_admin_cert=$CA_INST\_adminV
+	local cert_find_info="$TmpDir/cert_find_info"
+        local revoked_agent_cert=$CA_INST\_agentR
+        local revoked_admin_cert=$CA_INST\_adminR
+        local expired_admin_cert=$CA_INST\_adminE
+        local expired_agent_cert=$CA_INST\_agentE
+        local TEMP_NSS_DB="$TmpDir/nssdb"
+        local TEMP_NSS_DB_PWD="redhat"
+        local cert_info="$TmpDir/cert_info"
+        local ca_profile_out="$TmpDir/ca-profile-out"
+        local cert_out="$TmpDir/cert-show.out"
+        local rand=$RANDOM
+        local tmp_junk_data=$(openssl rand -base64 50 |  perl -p -e 's/\n//')
+	local SSL_DIR=$CERTDB_DIR
+	local valid_admin_user=$CA_INST\_adminV
+        local valid_admin_user_password=$CA_INST\_adminV_password
+
+	rlPhaseStartTest "pki_ca_agent_display_crl_entire_crl-001:CA - Agent Interface - Display Master CRL with entire CRL display type"
+	local test_out="$TmpDir/admin_out_displaycrl_entireCRL"
+	header_001="$TmpDir/ca_crls_001.txt"
+	crl_ip="MasterCRL"
+	crl_display_type="entireCRL"
+	rlLog "Display Master CRL with entire CRL display type"
+	rlRun "export SSL_DIR=$CERTDB_DIR"
+	rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_001 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=$crl_ip&pageStart=1&crlDisplayType=$crl_display_type\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_001"
+	rlAssertGrep "header.crlIssuingPoint = \"$crl_ip\"" "$test_out"
+	rlAssertGrep "header.crlDisplayType = \"$crl_display_type\"" "$test_out"
+	rlAssertGrep "Version:" "$test_out"
+	rlAssertGrep "Signature Algorithm:" "$test_out"
+	rlAssertGrep "Issuer:" "$test_out"
+	rlAssertGrep "Signature:" "$test_out"
+	rlPhaseEnd
+
+	rlPhaseStartTest "pki_ca_agent_display_crl_cached_crl-002:CA - Agent Interface - Display a newly added CRL with cached CRL display type"
+        local test_out="$TmpDir/admin_out_displaycrl_cachedCRL"
+	header_002="$TmpDir/ca_crls_002.txt"
+        crl_ip="testcrl"
+        crl_display_type="cachedCRL"
+	rlLog "Add a new CRL issuing point"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_002 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=crlIPs&RS_ID=$crl_ip&id=$crl_ip&description=$crl_ip&enable=true&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin > $test_out" 0 "Add crl issuing point"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_002"
+        rlLog " Display a newly added CRL with cached CRL display type"
+        rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_002 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=$crl_ip&pageStart=1&crlDisplayType=$crl_display_type\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_002"
+        rlAssertGrep "header.crlIssuingPoint = \"$crl_ip\"" "$test_out"
+        rlAssertGrep "header.crlDisplayType = \"$crl_display_type\"" "$test_out"
+        rlAssertGrep "Signature Algorithm:" "$test_out"
+        rlAssertGrep "Issuer:" "$test_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_ca_agent_display_crl_crl_header-003:CA - Agent Interface - Display a CRL with CRL header display type"
+        local test_out="$TmpDir/admin_out_displaycrl_CRLHeader"
+	header_003="$TmpDir/ca_crls_003.txt"
+        crl_display_type="crlHeader"
+        rlLog " Display a CRL with CRL Header display type"
+        rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_003 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=$crl_ip&pageStart=1&crlDisplayType=$crl_display_type\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_003"
+        rlAssertGrep "header.crlIssuingPoint = \"$crl_ip\"" "$test_out"
+        rlAssertGrep "header.crlDisplayType = \"$crl_display_type\"" "$test_out"
+	rlAssertGrep "Version:" "$test_out"
+        rlAssertGrep "Signature Algorithm:" "$test_out"
+        rlAssertGrep "Issuer:" "$test_out"
+        rlAssertGrep "Signature:" "$test_out"
+        rlPhaseEnd
+4
+	rlPhaseStartTest "pki_ca_agent_display_crl_base64-004:CA - Agent Interface - Display a CRL with base64 encoded display type"
+        local test_out="$TmpDir/admin_out_displaycrl_base64"
+	header_004="$TmpDir/ca_crls_004.txt"
+       crl_display_type="base64Encoded"
+        rlLog " Display a CRL with base64 encoded display type"
+        rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_004 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=$crl_ip&pageStart=1&crlDisplayType=$crl_display_type\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_004"
+        rlAssertGrep "header.crlIssuingPoint = \"$crl_ip\"" "$test_out"
+        rlAssertGrep "header.crlDisplayType = \"$crl_display_type\"" "$test_out"
+	rlAssertGrep "BEGIN CERTIFICATE REVOCATION LIST" "$test_out"
+	rlAssertGrep "END CERTIFICATE REVOCATION LIST" "$test_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_ca_agent_update_crl-005:CA - Agent Interface - Update CRL"
+        local test_out="$TmpDir/admin_out_updatecrl"
+	header_005="$TmpDir/ca_crls_005.txt"
+	local waitForUpdate="true"
+	local signatureAlgorithm="SHA256withRSA"
+	local crlNumber="1"
+	local crl_display_type="entireCRL"
+        rlLog " Display CRL and note the CRL number"
+	rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_005 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=$crl_ip&pageStart=1&crlDisplayType=$crl_display_type\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+	rlAssertGrep "header.crlNumber = \"$crlNumber\"" "$test_out"
+	rlLog "Update CRL"
+        rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_005 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"crlIssuingPoint=$crl_ip&waitForUpdate=$waitForUpdate&signatureAlgorithm=$signatureAlgorithm&\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/updateCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+	crlNumber=$((crlNumber + 1))
+	rlLog " Display CRL to verify the updated CRL number"
+        rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_005 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=$crl_ip&pageStart=1&crlDisplayType=$crl_display_type\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+        rlAssertGrep "header.crlNumber = \"$crlNumber\"" "$test_out"
+
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_005 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=crlIPs&RS_ID=$crl_ip&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/caadmin >> $test_out" 0 "Delete crl issuing point"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_ca_agent_update_ds-006:CA - Agent Interface - Update DS"
+        local test_out="$TmpDir/admin_out_updateds"
+	header_006="$TmpDir/ca_crls_006.txt"
+	local dn_pattern="uid=\$subj.cn,ou=people,$(eval echo \$${CA_INST}_DB_SUFFIX)"
+	local ldap_host=`hostname`
+        local ldap_port=$(eval echo \$${CA_INST}_LDAP_PORT)
+        local ldap_bind=$LDAP_ROOTDN
+        local ldap_bind_pwd=$LDAP_ROOTDNPWD
+        local ldap_secure="false"
+        local ldap_prompt="CA LDAP Publishing"
+        local ldap_authtype="BasicAuth"
+        rlLog "Edit LDAP ca cert mapper"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RULENAME=LdapCaCertMap&createCAEntry=true&implName=LdapCaSimpleMap&dnPattern=$dn_pattern&RD_ID=LdapCaCertMap&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $test_out" 0 "Edit LdapCaCertMapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlLog "Edit LDAP user cert mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RULENAME=LdapUserCertMap&implName=LdapSimpleMap&dnPattern=$dn_pattern&RD_ID=LdapUserCertMap&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $test_out" 0 "Edit LdapUserCertMapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlLog "Edit LDAP crl mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RULENAME=LdapCrlMap&implName=LdapCaSimpleMap&dnPattern=$dn_pattern&RD_ID=LdapCrlMap&createCAEntry=true&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $test_out" 0 "Edit LdapCrlMapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+
+	rlLog "Enable Publishing with Basic Auth"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_PROCESS&OP_SCOPE=ldap&RD_ID=RD_ID_CONFIG&publishingEnable=true&enable=true&ldapconn.host=$ldap_host&ldapconn.port=$ldap_port&ldapconn.secureConn=$ldap_secure&ldapauth.bindPWPrompt=$ldap_prompt&ldapauth.bindDN=$ldap_bind&directoryManagerPwd=$ldap_bind_pwd&ldapconn.version=3&ldapauth.authtype=$ldap_authtype&ldapauth.clientCertNickname=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $test_out" 0 "Enable Publishing with Basic Auth"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlLog "Save LDAP auth config"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=ldap&RD_ID=RD_ID_CONFIG&publishingEnable=true&enable=true&ldapconn.host=$ldap_host&ldapconn.port=$ldap_port&ldapconn.secureConn=$ldap_secure&ldapauth.bindPWPrompt=$ldap_prompt&ldapauth.bindDN=$ldap_bind&directoryManagerPwd=$ldap_bind_pwd&ldapconn.version=3&ldapauth.authtype=$ldap_authtype&ldapauth.clientCertNickname=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $test_out" 0 "Save Ldap auth config"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	
+	rlLog "Generate a user cert and revoke the cert"
+	rlRun "generate_new_cert tmp_nss_db:$TEMP_NSS_DB tmp_nss_db_pwd:$TEMP_NSS_DB_PWD request_type:crmf \
+        algo:rsa key_size:2048 subject_cn:\"Test User\" subject_uid:testuser subject_email:testuser@example.org \
+        organizationalunit:Engineering organization:Example.Inc country:US archive:false req_profile:caUserCert \
+        target_host:$tmp_ca_host protocol: port:$target_unsecure_port cert_db_dir:$CERTDB_DIR cert_db_pwd:$CERTDB_DIR_PASSWORD \
+        certdb_nick:\"$valid_agent_cert\" cert_info:$cert_info"
+        local valid_crmf_serialNumber=$(cat $cert_info| grep cert_serialNumber | cut -d- -f2)
+        local valid_decimal_crmf_serialNumber=$(cat $cert_info| grep decimal_valid_serialNumber | cut -d- -f2)
+	rlLog "Display CRL"
+        rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_006 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=MasterCRL&pageStart=1&crlDisplayType=entireCRL\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+        rlAssertNotGrep "Serial Number: $valid_crmf_serialNumber" "$test_out"
+	rlRun "pki -d $CERTDB_DIR/ \
+                           -n \"$valid_agent_cert\" \
+                           -c $CERTDB_DIR_PASSWORD \
+                           -h $tmp_ca_host \
+                           -p $target_unsecure_port \
+                            cert-revoke $valid_crmf_serialNumber --force"
+
+	rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_006 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"expiredTo=&updateCRL=yes&validFrom=&expiredFrom=&validTo=&revokedTo=&revokedFrom=&\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/updateDir > /tmp/updateds"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlLog "Update CRL"
+        rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_006 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"crlIssuingPoint=MasterCRL&signatureAlgorithm=$signatureAlgorithm&\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/updateCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlRun "curl --cacert $CERTDB_DIR/ca_cert.pem  \
+		--dump-header  $header_006 \
+                -E \"$valid_agent_cert:$CERTDB_DIR_PASSWORD\" \
+                -d \"pageSize=50&crlIssuingPoint=MasterCRL&pageStart=1&crlDisplayType=entireCRL\"  \
+                https://$tmp_ca_host:$target_secure_port/ca/agent/ca/displayCRL > $test_out"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	local STRIP_HEX=$(echo $valid_crmf_serialNumber | cut -dx -f2)
+        local CONV_UPP_VAL=${STRIP_HEX^^}
+	valid_serial="0x$CONV_UPP_VAL"
+	rlAssertGrep "Serial Number: $valid_serial" "$test_out"
+	rlPhaseEnd
+
+	rlPhaseStartSetup "pki_console_crlip_cleanup"
+	#Delete temporary directory
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+        rlPhaseEnd
+}
+
+process_curl_output()
+{
+	output_file=$1
+	sed -i "s/\&/\n&/g" $output_file
+        sed -i "s/+//g"  $output_file
+        sed -i "s/^&//g" $output_file
+        sed -i "s/%3A/":"/g" $output_file
+        sed -i "s/%3B/":"/g" $output_file
+}
diff --git a/tests/dogtag/acceptance/legacy/ca-tests/internaldb/ca-admin-internaldb.sh b/tests/dogtag/acceptance/legacy/ca-tests/internaldb/ca-admin-internaldb.sh
new file mode 100755
index 000000000..10413e1b3
--- /dev/null
+++ b/tests/dogtag/acceptance/legacy/ca-tests/internaldb/ca-admin-internaldb.sh
@@ -0,0 +1,118 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/rhcs/acceptance/legacy/ca_tests/internaldb/ca-admin-internaldb.sh
+#   Description: CA Admin Internal DB tests
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Author: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/bin/rhts-environment.sh
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+run_admin-ca-intdb_tests()
+{
+        local cs_Type=$1
+        local cs_Role=$2
+        
+	# Creating Temporary Directory for ca-admin-internaldb tests
+        rlPhaseStartSetup "pki_console_internaldb Temporary Directory"
+        rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlPhaseEnd
+
+        # Local Variables
+        get_topo_stack $cs_Role $TmpDir/topo_file
+        local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2)
+        local target_unsecure_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local target_secure_port=$(eval echo \$${CA_INST}_SECURE_PORT)
+        local tmp_ca_admin=$CA_INST\_adminV
+        local tmp_ca_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local tmp_ca_host=$(eval echo \$${cs_Role})
+        local valid_admin_cert=$CA_INST\_adminV
+	local admin_out="$TmpDir/admin_out"
+	local ldap_host=`hostname`
+	local ldap_port=$(eval echo \$${CA_INST}_LDAP_PORT)
+	local ldap_bind="cn=Directory Manager"
+	local valid_admin_user=$CA_INST\_adminV
+        local valid_admin_user_password=$CA_INST\_adminV_password
+
+	rlPhaseStartTest "pki_console_list_intdb-001:CA - Admin Interface - list internaldb"
+	header_001="$TmpDir/ca_intdb_001.txt"
+	rlLog "List internal db"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_001 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+		-d \"OP_TYPE=OP_READ&OP_SCOPE=ldap&RS_ID=RS_ID_CONFIG&ldapconn.host=&ldapconn.port=&ldapconn.bindDN=&ldapconn.version=&\" \
+		-k https://$tmp_ca_host:$target_secure_port/ca/server >> $admin_out" 0 "List internal DB"
+	rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_001"
+	rlAssertGrep "ldapconn.host=localhost" "$admin_out"
+	rlAssertGrep "ldapconn.port=$(eval echo \$${CA_INST}_LDAP_PORT)" "$admin_out"
+	rlAssertGrep "ldapconn.bindDN=" "$admin_out"
+	rlAssertGrep "ldapconn.version=" "$admin_out"
+	rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_intdb-002:CA - Admin Interface - edit internaldb"
+        rlLog "Edit internal db"
+	header_002="$TmpDir/ca_intdb_002.txt"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_002 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=ldap&RS_ID=RS_ID_CONFIG&ldapconn.host=$ldap_host&ldapconn.port=$ldap_port&ldapconn.bindDN=$ldap_bind&ldapconn.version=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/server" 0 "Edit internal DB"
+	rlRun "curl --capath "$CERTDB_DIR" --basic --user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=ldap&RS_ID=RS_ID_CONFIG&ldapconn.host=&ldapconn.port=&ldapconn.bindDN=&ldapconn.version=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/server >> $admin_out" 0 "List internal DB"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_002"
+        rlAssertGrep "ldapconn.host=$ldap_host" "$admin_out"
+        rlAssertGrep "ldapconn.port=$ldap_port" "$admin_out"
+        rlAssertGrep "ldapconn.bindDN=cn\%3DDirectoryManager" "$admin_out"
+        rlAssertGrep "ldapconn.version=" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic --user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=ldap&RS_ID=RS_ID_CONFIG&ldapconn.host=localhost&ldapconn.port=$ldap_port&ldapconn.bindDN=&ldapconn.version=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/server" 0 "Edit internal DB"
+        rlPhaseEnd
+
+	rlPhaseStartSetup "pki_console_internaldb-cleanup"
+	#Delete temporary directory
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+        rlPhaseEnd
+}
+
+process_curl_output()
+{
+	output_file=$1
+	sed -i "s/\&/\n&/g" $output_file
+        sed -i "s/+//g"  $output_file
+        sed -i "s/^&//g" $output_file
+        sed -i "s/%3A/":"/g" $output_file
+        sed -i "s/%3B/":"/g" $output_file
+}
diff --git a/tests/dogtag/acceptance/legacy/ca-tests/publishing/ca-admin-publishing.sh b/tests/dogtag/acceptance/legacy/ca-tests/publishing/ca-admin-publishing.sh
new file mode 100755
index 000000000..7794afeff
--- /dev/null
+++ b/tests/dogtag/acceptance/legacy/ca-tests/publishing/ca-admin-publishing.sh
@@ -0,0 +1,1021 @@
+#!/bin/bash
+# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/rhcs/acceptance/legacy/ca_tests/publishing/ca-admin-publishing.sh
+#   Description: CA publishing tests
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Author: Roshni Pattath <rpattath@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2013 Red Hat, Inc. All rights reserved.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include rhts environment
+. /usr/bin/rhts-environment.sh
+. /usr/share/beakerlib/beakerlib.sh
+. /opt/rhqa_pki/rhcs-shared.sh
+. /opt/rhqa_pki/pki-cert-cli-lib.sh
+. /opt/rhqa_pki/env.sh
+
+run_admin-ca-publishing_tests()
+{
+        local cs_Type=$1
+        local cs_Role=$2
+        
+	# Creating Temporary Directory for ca-admin-internaldb tests
+        rlPhaseStartSetup "pki_console_internaldb Temporary Directory"
+        rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
+        rlRun "pushd $TmpDir"
+        rlPhaseEnd
+
+        # Local Variables
+        get_topo_stack $cs_Role $TmpDir/topo_file
+        local CA_INST=$(cat $TmpDir/topo_file | grep MY_CA | cut -d= -f2)
+        local target_unsecure_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local target_secure_port=$(eval echo \$${CA_INST}_SECURE_PORT)
+        local tmp_ca_admin=$CA_INST\_adminV
+        local tmp_ca_port=$(eval echo \$${CA_INST}_UNSECURE_PORT)
+        local tmp_ca_host=$(eval echo \$${cs_Role})
+       local valid_admin_cert=$CA_INST\_adminV
+	local ldap_host=`hostname`
+        local ldap_port=$(eval echo \$${CA_INST}_LDAP_PORT)
+        local ldap_bind=$LDAP_ROOTDN
+	local ldap_bind_pwd=$LDAP_ROOTDNPWD
+	local ldap_secure="false"
+	local ldap_prompt="CA LDAP Publishing"
+	local ldap_authtype="BasicAuth"
+	local valid_admin_user=$CA_INST\_adminV
+        local valid_admin_user_password=$CA_INST\_adminV_password
+
+	rlPhaseStartTest "pki_console_enable_publishing-001:CA - Admin Interface - Enable Publishing"
+	header_001="$TmpDir/ca_pub_001.txt"
+	local admin_out="$TmpDir/admin_out_enablepub"
+	rlLog "Enable Publishing"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_001 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+		-d \"OP_TYPE=OP_PROCESS&OP_SCOPE=ldap&RS_ID=RS_ID_CONFIG&publishingEnable=true&enable=true&ldapconn.host=$ldap_host&ldapconn.port=$ldap_port&ldapConn.secureConn=$ldap_secure&ldapauth.bindPWPrompt=$ldap_prompt&ldapauth.bindDN=$ldap_bind&directoryManagerPwd=$ldap_bind_pwd&ldapconn.version=3&ldapauth.authtype=$ldap_authtype&ldapauth.clientCertNickname=&\" \
+		-k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Enable Publishing"
+	rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_001"
+	rlAssertGrep "Success" "$admin_out"
+	rlAssertNotGrep "Failure" "$admin_out"
+	rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_read_publishing_config-002:CA - Admin Interface - Read Publishing config"
+	header_002="$TmpDir/ca_pub_002.txt"
+        local admin_out="$TmpDir/admin_out_readpubconf"
+        rlLog "Read Publishing Config"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_002 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=ldap&RS_ID=RS_ID_CONFIG&publishingEnable=&enable=&ldapconn.host=&ldapconn.port=&ldapConn.secureConn=&ldapauth.bindPWPrompt=&ldapauth.bindDN=&directoryManagerPwd=&ldapconn.version=&ldapauth.authtype=&ldapauth.clientCertNickname=&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read Publishing Config"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_002"
+	ldapbindpromptout=$(echo $ldap_prompt | tr -d ' ')
+	rlAssertGrep "ldapconn.host=$ldap_host" "$admin_out"
+	rlAssertGrep "ldapconn.port=$ldap_port" "$admin_out"
+	rlAssertGrep "ldapConn.secureConn=$ldap_secure" "$admin_out"
+	rlAssertGrep "ldapauth.bindPWPrompt=$ldapbindpromptout" "$admin_out"
+	rlAssertGrep "ldapauth.bindDN=cn%3DDirectoryManager" "$admin_out"
+	rlAssertGrep "directoryManagerPwd=" "$admin_out"
+	rlAssertGrep "ldapconn.version=3" "$admin_out"
+	rlAssertGrep "ldapauth.authtype=$ldap_authtype" "$admin_out"
+	rlAssertGrep "ldapauth.clientCertNickname=" "$admin_out"
+	rlAssertGrep "publishingEnable=true" "$admin_out"
+	rlAssertGrep "enable=true" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_list_all_mappers-003:CA - Admin Interface - List all mappers"
+	header_003="$TmpDir/ca_pub_003.txt"
+        local admin_out="$TmpDir/admin_out_listmappers"
+        rlLog "List all mappers"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_003 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=mapperRules&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "List all mappers"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_003"
+	rlAssertGrep "LdapCaCertMap=LdapCaSimpleMap:visible" "$admin_out"
+	rlAssertGrep "LdapUserCertMap=LdapSimpleMap:visible" "$admin_out"
+	rlAssertGrep "NoMap=NoMap:visible" "$admin_out"
+	rlAssertGrep "LdapCrlMap=LdapCaSimpleMap:visible" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_list_all_mapper_plugins-004:CA - Admin Interface - List all mapper plugins"
+        local admin_out="$TmpDir/admin_out_listmapperplugin"
+	header_004="$TmpDir/ca_pub_004.txt"
+        rlLog "List all mapper plugin"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_004 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=mapperImpls&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "List all mapper plugins"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_004"
+	rlAssertGrep "LdapEnhancedMap=com.netscape.cms.publish.mappers.LdapEnhancedMap%2CLdapEnhancedMap" "$admin_out"
+	rlAssertGrep "LdapSubjAttrMap=com.netscape.cms.publish.mappers.LdapCertSubjMap%2CLdapCertSubjMap" "$admin_out"
+	rlAssertGrep "NoMap=com.netscape.cms.publish.mappers.NoMap%2CNoMap" "$admin_out"
+	rlAssertGrep "LdapSimpleMap=com.netscape.cms.publish.mappers.LdapSimpleMap%2CLdapSimpleMap" "$admin_out"
+	rlAssertGrep "LdapCaSimpleMap=com.netscape.cms.publish.mappers.LdapCaSimpleMap%2CLdapCaSimpleMap" "$admin_out"
+	rlAssertGrep "LdapDNExactMap=com.netscape.cms.publish.mappers.LdapCertExactMap%2CLdapCertExactMap" "$admin_out"
+	rlAssertGrep "LdapDNCompsMap=com.netscape.cms.publish.mappers.LdapCertCompsMap%2CLdapCertCompsMap" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_read_mapper_rule-005:CA - Admin Interface - Read a mapper rule"
+        local admin_out="$TmpDir/admin_out_readmaprule"
+	header_005="$TmpDir/ca_pub_005.txt"
+	searchrule="LdapUserCertMap"
+        rlLog "Read a mapper rule"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_005 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$searchrule&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_005"
+	rlAssertGrep "implName=LdapSimpleMap" "$admin_out"
+	rlAssertGrep "dnPattern=" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_mapper-006:CA - Admin Interface - Add CA ldap mapper"
+        local admin_out="$TmpDir/admin_out_addmapper"
+	header_006="$TmpDir/ca_pub_006.txt"
+        mapper_id="pub07"
+ 	dn_pattern="uid=\$req.HTTP_PARAMS.uid,ou=\$subj.ou,o=\$subj.o"
+	create_v2_ca_entry="false"
+	create_ca_entry="true"
+	mapper="LdapCaSimpleMap"
+        rlLog "Add a ldap mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_006 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=LdapCaSimpleMap&dnPattern=$dn_pattern&CAEntryV2=$create_v2_ca_entry&createCAEntry=$create_ca_entry&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add a ldap mapper"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" \
+		--dump-header  $header_006 \
+		--basic --user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_006"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	dnpattern1=$(echo $dn_pattern | sed -e 's/=/%3D/g' -e 's/,/%2C/g' -e 's/$req//g' -e 's/$subj//g')
+	rlAssertGrep "dnPattern=$dnpattern1" "$admin_out"
+	rlAssertGrep "createCAEntry=$create_ca_entry" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_ldap_mapper-007:CA - Admin Interface - Edit CA ldap mapper"
+        local admin_out="$TmpDir/admin_out_editmapper"
+	header_007="$TmpDir/ca_pub_007.txt"
+        dn_pattern="uid=\$req.HTTP_PARAMS.uid,ou=\$subj.ou,o=netscapecertificateserver"
+        rlLog "Edit a ldap mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_007 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=LdapCaSimpleMap&dnPattern=$dn_pattern&CAEntryV2=$create_v2_ca_entry&createCAEntry=$create_ca_entry&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Edit a ldap mapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_007"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_007 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_007"
+	rlAssertGrep "netscapecertificateserver" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_007 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete mapper rule $mapper_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_007"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_dn_comps_mapper-008:CA - Admin Interface - Add ldap dn comps mapper"
+        local admin_out="$TmpDir/admin_out_addldapdncomps"
+	header_008="$TmpDir/ca_pub_008.txt"
+        mapper_id="pub09"
+	filter_comps="mail"
+	dn_comps="uid"
+	base_dn="o=redhat-ldapdncompsmap"
+        mapper="LdapDNCompsMap"
+        rlLog "Add ldap dn comps mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_008 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&filterComps=$filter_comps&dnComps=$dn_comps&baseDN=$base_dn&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap dn comps mapper"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_008"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_008 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_008"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	basedn1=$(echo $base_dn | sed 's/=/%3D/g')
+	rlAssertGrep "baseDN=$basedn1" "$admin_out"
+	rlAssertGrep "dnComps=$dn_comps" "$admin_out"
+	rlAssertGrep "filterComps=$filter_comps" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_ldap_dn_comps_mapper-009:CA - Admin Interface - Edit ldap dn comps mapper"
+        local admin_out="$TmpDir/admin_out_editldapdncomps"
+	header_009="$TmpDir/ca_pub_009.txt"
+        base_dn="o=redhat-ldapdncompsmap-edit"
+        rlLog "Edit ldap dn comps mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_009 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&filterComps=$filter_comps&dnComps=$dn_comps&baseDN=$base_dn&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap dn comps mapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_009"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_009 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_009"
+        rlAssertGrep "redhat-ldapdncompsmap-edit" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_009 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete mapper rule $mapper_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_009"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_dn_exact_mapper-010:CA - Admin Interface - Add ldap dn exact mapper"
+        local admin_out="$TmpDir/admin_out_addldapdnexact"
+	header_010="$TmpDir/ca_pub_010.txt"
+        mapper_id="pub11"
+        mapper="LdapDNExactMap"
+        rlLog "Add ldap dn exact mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_010 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap dn exact mapper"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_010"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_010 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_010"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_010 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete mapper rule $mapper_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_010"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_enhanced_mapper-011:CA - Admin Interface - Add ldap enhanced mapper"
+        local admin_out="$TmpDir/admin_out_addldapenhanced"
+	header_011="$TmpDir/ca_pub_011.txt"
+        mapper_id="pub12"
+        mapper="LdapEnhancedMap"
+	dn_pattern="uid=\$req.HTTP_PARAMS.uid,ou=\$subj.ou,o=netscapecertificateserver"
+	attr_pattern="\$req.HTTP_PARAMS.csrRequestorEmail"
+	attr_num="1"
+	create_entry="true"
+	attr_name="mail"
+        rlLog "Add ldap enhanced mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_011 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&dnPattern=$dn_pattern&attrPattern0=$attr_pattern&attrNum=$attr_num&createEntry=$create_entry&attrName0=$attr_name&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap enhanced mapper"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_011"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_011 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_011"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	dnpattern1=$(echo $dn_pattern | sed -e 's/=/%3D/g' -e 's/,/%2C/g' -e 's/$req//g' -e 's/$subj//g')
+	rlAssertGrep "dnPattern=$dnpattern1" "$admin_out"
+	rlAssertGrep "createEntry=$create_entry" "$admin_out"
+	rlAssertGrep "attrNum=$attr_num" "$admin_out"
+	rlAssertGrep "attrName0=$attr_name" "$admin_out"
+	attrpattern1=$(echo $attr_pattern | sed 's/$req//g')
+	rlAssertGrep "attrPattern0=$attrpattern1" "$admin_out"
+	rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_ldap_enhanced_mapper-012:CA - Admin Interface - Edit ldap enhanced mapper"
+        local admin_out="$TmpDir/admin_out_editldapenhanced"
+	header_012="$TmpDir/ca_pub_012.txt"
+        dn_pattern="uid=\$req.HTTP_PARAMS.uid,ou=\$subj.ou,o=netscapecertificateserver-e"
+        rlLog "Edit ldap enhanced mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_012 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&dnPattern=$dn_pattern&attrPattern0=$attr_pattern&attrNum=$attr_num&createEntry=$create_entry&attrName0=$attrName&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Edit ldap enhanced mapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_012"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_012 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_012"
+        rlAssertGrep "netscapecertificateserver-e" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_012 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete mapper rule $mapper_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_012"
+        rlPhaseEnd
+	
+	rlPhaseStartTest "pki_console_add_ldap_simple_mapper-013:CA - Admin Interface - Add ldap simple mapper"
+	header_013="$TmpDir/ca_pub_013.txt"
+        local admin_out="$TmpDir/admin_out_addldapsimple"
+        mapper_id="pub14"
+        mapper="LdapSimpleMap"
+        dn_pattern="uid=\$req.HTTP_PARAMS.uid,ou=\$subj.ou,o=netscapecertificateserver"
+        rlLog "Add ldap simple mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_013 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&dnPattern=$dn_pattern&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap simple mapper"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_013"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_013 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_013"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	dnpattern1=$(echo $dn_pattern | sed -e 's/=/%3D/g' -e 's/,/%2C/g' -e 's/$req//g' -e 's/$subj//g')
+	rlAssertGrep "dnPattern=$dnpattern1" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_ldap_simple_mapper-014:CA - Admin Interface - Edit ldap simple mapper"
+        local admin_out="$TmpDir/admin_out_editldapsimple"
+	header_014="$TmpDir/ca_pub_014.txt"
+        mapper_id="pub14"
+        dn_pattern="uid=\$req.HTTP_PARAMS.uid,ou=\$subj.ou,o=netscapecertificateserver-e"
+        rlLog "Edit ldap simple mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_014 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&dnPattern=$dn_pattern&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Edit ldap simple mapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_014"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_014 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_014"
+        rlAssertGrep "netscapecertificateserver-e" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_014 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete mapper rule $mapper_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_014"
+        rlPhaseEnd
+	
+	rlPhaseStartTest "pki_console_add_ldap_subj_attr_mapper-015:CA - Admin Interface - Add ldap subj attr mapper"
+        local admin_out="$TmpDir/admin_out_addldapsubjattr"
+	header_015="$TmpDir/ca_pub_015.txt"
+        mapper_id="pub16"
+        mapper="LdapSubjAttrMap"
+        search_base="o=redhat"
+	cert_subj_name_attr="certSubjectName"
+        rlLog "Add ldap subj attr mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_015 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&searchBase=$search_base&certSubjNameAttr=$cert_subj_name_attr&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap subj attr mapper"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_015"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_015 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_015"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	rlAssertGrep "certSubjNameAttr=$cert_subj_name_attr" "$admin_out"
+	searchbase1=$(echo $search_base | sed 's/=/%3D/g')
+	rlAssertGrep "searchBase=$searchbase1" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_ldap_subj_attr_mapper-016:CA - Admin Interface - Edit ldap subj attr mapper"
+        local admin_out="$TmpDir/admin_out_editldapsubjattr"
+	header_016="$TmpDir/ca_pub_016.txt"
+        search_base="o=redhat-subjattr"
+        rlLog "Edit ldap subj attr mapper"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_016 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&searchBase=$search_base&certSubjNameAttr=$cert_subj_name_attr&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Edit ldap subj attr mapper"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_016"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_016 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_016"
+        rlAssertGrep "redhat-subjattr" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_016 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete mapper rule $mapper_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_016"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_no_map-017:CA - Admin Interface - Add ldap no map"
+        local admin_out="$TmpDir/admin_out_addldapnomap"
+	header_017="$TmpDir/ca_pub_017.txt"
+        mapper_id="pub18"
+        mapper="NoMap"
+        rlLog "Add ldap no map"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_017 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=mapperRules&RS_ID=$mapper_id&RULENAME=$mapper_id&implName=$mapper&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap no map"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_017"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_read_ldap_no_map-018:CA - Admin Interface - Read ldap no map"
+        local admin_out="$TmpDir/admin_out_readldapnomap"
+	header_018="$TmpDir/ca_pub_018.txt"
+        rlLog "Add ldap no map"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_018 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read ldap no map"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_018"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_delete_ldap_no_map-019:CA - Admin Interface - Delete ldap no map"
+        local admin_out="$TmpDir/admin_out_deleteldapnomap"
+	header_019="$TmpDir/ca_pub_019.txt"
+        rlLog "Delete ldap no map"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_019 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Delete ldap no map"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_019"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_019 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=mapperRules&RS_ID=$mapper_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read ldap no map"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_019"
+	rlAssertNotGrep "$mapper" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_file_based_publisher-020:CA - Admin Interface - Add file based publisher"
+        local admin_out="$TmpDir/admin_out_addfilebasedpub"
+	header_020="$TmpDir/ca_pub_020.txt"
+        pub_id="pub24"
+        mapper="FileBasedPublisher"
+	file_b64="true"
+	file_dir="/tmp"
+	file_der="true"
+        rlLog "Add file based publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_020 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&Filename.b64=$file_b64&directory=$file_dir&Filename.der=$file_der&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add file based publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_020"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_020 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_020"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	filedir1=$(echo $file_dir | sed 's/\//%2F/g')
+	rlAssertGrep "directory=$filedir1" "$admin_out"
+	rlAssertGrep "Filename.der=$file_der" "$admin_out"
+	rlAssertGrep "Filename.b64=$file_b64" "$admin_out"
+        rlPhaseEnd
+	
+	rlPhaseStartTest "pki_console_edit_file_based_publisher-021:CA - Admin Interface - Edit file based publisher"
+        local admin_out="$TmpDir/admin_out_editfilebasedpub"
+	header_021="$TmpDir/ca_pub_021.txt"
+        file_dir="/usr"
+        rlLog "Add file based publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_021 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&Filename.b64=$file_b64&directory=$file_dir&Filename.der=$file_der&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add file based publisher"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_021"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_021 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_021"
+	filedir1=$(echo $file_dir | sed 's/\//%2F/g')
+	rlAssertGrep "directory=$filedir1" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_021 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publisher $pub_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_021"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_cacert_publisher-022:CA - Admin Interface - Add Ldap cacert publisher"
+        local admin_out="$TmpDir/admin_out_addldapcacertpub"
+	header_022="$TmpDir/ca_pub_022.txt"
+        pub_id="pub26"
+        mapper="LdapCaCertPublisher"
+	caObjectClass="certificationAuthority"
+	caCertAttr="caCertificate;binary"
+        rlLog "Add ldap ca cert publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_022 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&caObjectClass=$caObjectClass&caCertAttr=$caCertAttr&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add Ldap ca cert publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_022"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_022 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_022"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	certAttr1=$(echo $caCertAttr | sed 's/;/:/g')
+	rlAssertGrep "caCertAttr=$certAttr1" "$admin_out"
+	rlAssertGrep "caObjectClass=$caObjectClass" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_022 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publisher $pub_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_022"
+        rlPhaseEnd
+	
+	rlPhaseStartTest "pki_console_add_ldap_certificate_pair_publisher-023:CA - Admin Interface - Add Ldap certificate pair publisher"
+        local admin_out="$TmpDir/admin_out_addldapcertpairpub"
+	header_023="$TmpDir/ca_pub_023.txt"
+        pub_id="pub27"
+        mapper="LdapCertificatePairPublisher"
+	caObjectClass="certificationAuthority"
+	crossCertPairAttr="crossCertificatePair;binary"
+        rlLog "Add ldap certificate pair publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_023 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&caObjectClass=$caObjectClass&crossCertPairAttr=$crossCertPairAttr&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add Ldap certificate pair publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_023"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		 --dump-header  $header_023 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_023"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	crossCertPairAttr1=$(echo $crossCertPairAttr | sed 's/;/:/g')
+	rlAssertGrep "crossCertPairAttr=$crossCertPairAttr1" "$admin_out"
+	rlAssertGrep "caObjectClass=$caObjectClass" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_023 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publisher $pub_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_023"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_crl_publisher-024:CA - Admin Interface - Add Ldap crl publisher"
+        local admin_out="$TmpDir/admin_out_addldapcrlpub"
+	header_024="$TmpDir/ca_pub_024.txt"
+        pub_id="pub28"
+        mapper="LdapCrlPublisher"
+        crlAttr="certificateRevocationList;binary"
+        rlLog "Add ldap crl publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_024 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&crlAttr=$crlAttr&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap crl publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_024"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_024 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_024"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	crlAttr1=$(echo $crlAttr | sed 's/;/:/g')
+	rlAssertGrep "crlAttr=$crlAttr1" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_024 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publisher $pub_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_024"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_delta_crl_publisher-025:CA - Admin Interface - Add Ldap delta crl publisher"
+        local admin_out="$TmpDir/admin_out_addldapdeltacrlpub"
+	header_025="$TmpDir/ca_pub_025.txt"
+        pub_id="pub29"
+        mapper="LdapDeltaCrlPublisher"
+        crlAttr="certificateRevocationList;binary"
+        rlLog "Add ldap delta crl publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_025 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&crlAttr=$crlAttr&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap delta crl publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_025"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_025 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_025"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	crlAttr1=$(echo $crlAttr | sed 's/;/:/g')
+        rlAssertGrep "crlAttr=$crlAttr1" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_025 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publisher $pub_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_025"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ldap_user_cert_publisher-026:CA - Admin Interface - Add Ldap user cert publisher"
+        local admin_out="$TmpDir/admin_out_addldapusercertpub"
+	header_026="$TmpDir/ca_pub_026.txt"
+        pub_id="pub30"
+        mapper="LdapUserCertPublisher"
+        certAttr="userCertificate;binary"
+        rlLog "Add ldap user cert publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_026 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&certAttr=$certAttr&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ldap user cert publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_026"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_026 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_026"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	certAttr1=$(echo $certAttr | sed 's/;/:/g')
+        rlAssertGrep "certAttr=$certAttr1" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_026 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publisher $pub_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_026"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_ocsp_publisher-027:CA - Admin Interface - Add ocsp publisher"
+        local admin_out="$TmpDir/admin_out_addocsppub"
+	header_027="$TmpDir/ca_pub_027.txt"
+        pub_id="pub31"
+        mapper="OCSPPublisher"
+	ocsp_host="somehost"
+	ocsp_port="1234"
+        rlLog "Add ocsp publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_027 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&host=$ocsp_host&port=$ocsp_port&path=/ocsp/addCRL&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add ocsp publisher"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_027"
+        rlAssertGrep "implName=$mapper" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_027 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_027"
+	rlAssertGrep "implName=$mapper" "$admin_out"
+	rlAssertGrep "host=$ocsp_host" "$admin_out"
+	rlAssertGrep "port=$ocsp_port" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_edit_ocsp_publisher-028:CA - Admin Interface - Edit ocsp publisher"
+        local admin_out="$TmpDir/admin_out_editocsppub"
+	header_028="$TmpDir/ca_pub_028.txt"
+        ocsp_host="somehost.redhat.com"
+        rlLog "Edit ocsp publisher"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_028 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_MODIFY&OP_SCOPE=publisherRules&RS_ID=$pub_id&RULENAME=$pub_id&implName=$mapper&host=$ocsp_host&port=$ocsp_port&path=/ocsp/addCRL&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Edit ocsp publisher"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_028"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_028 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_028"
+        rlAssertGrep "host=$ocsp_host" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_delete_publisher-029:CA - Admin Interface - Delete publisher"
+        local admin_out="$TmpDir/admin_out_deletepub"
+	header_029="$TmpDir/ca_pub_029.txt"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_029 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publisher $pub_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_029"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_029 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=publisherRules&RS_ID=$pub_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read a mapper rule"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_029"
+	rlAssertNotGrep "implName=$mapper" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_list_all_publishing_rules-030:CA - Admin Interface - List all publishing rules"
+        local admin_out="$TmpDir/admin_out_listpubrules"
+	header_030="$TmpDir/ca_pub_030.txt"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_030 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_SEARCH&OP_SCOPE=ruleRules&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "List all publishing rules"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_030"
+	rlAssertGrep "LdapXCertRule" "$admin_out"
+	rlAssertGrep "LdapCaCertRule" "$admin_out"
+	rlAssertGrep "LdapUserCertRule" "$admin_out"
+	rlAssertGrep "ocsprule" "$admin_out"
+	rlAssertGrep "LdapCrlRule" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_publishing_rule_type_certs-031:CA - Admin Interface - Add publishing rule - type certs"
+        local admin_out="$TmpDir/admin_out_addpubrulecerts"
+	header_031="$TmpDir/ca_pub_031.txt"
+        rule_id="rule35"
+        rule_predicate="HTTP_PARAMS.certType==client"
+	rule_enable="true"
+	rule_type="certs"
+	rule_publisher="LdapUserCertPublisher"
+	rule_mapper="LdapUserCertMap"
+        rlLog "Add publishing rule - type certs"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_031 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=ruleRules&RS_ID=$rule_id&RULENAME=$rule_id&implName=Rule&predicate=$rule_predicate&enable=$rule_enable&type=$rule_type&publisher=$rule_publisher&mapper=$rule_mapper&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add publishing rule - type certs"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_031"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_031 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read publishing rule $rule_id"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_031"
+	rlAssertGrep "implName=Rule" "$admin_out"
+	rlAssertGrep "type=$rule_type" "$admin_out"
+	rule_predict1=$(echo $rule_predict | sed 's/=/%3D/g')
+	rlAssertGrep "predicate=$rule_predict1" "$admin_out"
+	rlAssertGrep "enable=$rule_enable" "$admin_out"
+	rlAssertGrep "mapper=$rule_mapper" "$admin_out"
+	rlAssertGrep "publisher=$rule_publisher" "$admin_out"
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_031 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publishing rule $rule_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_031"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_publishing_rule_type_cacert-032:CA - Admin Interface - Add publishing rule - type cacert"
+        local admin_out="$TmpDir/admin_out_addpubrulecacert"
+	header_032="$TmpDir/ca_pub_032.txt"
+        rule_id="rule36"
+        rule_predicate="HTTP_PARAMS.certType==ca"
+        rule_enable="true"
+        rule_type="cacert"
+        rule_publisher="LdapCaCertPublisher"
+        rule_mapper="LdapCaCertMap"
+        rlLog "Add publishing rule - type cacert"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_032 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=ruleRules&RS_ID=$rule_id&RULENAME=$rule_id&implName=Rule&predicate=$rule_predicate&enable=$rule_enable&type=$rule_type&publisher=$rule_publisher&mapper=$rule_mapper&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add publishing rule - type cacert"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_032"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_032 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read publishing rule $rule_id"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_032"
+        rlAssertGrep "implName=Rule" "$admin_out"
+        rlAssertGrep "type=$rule_type" "$admin_out"
+        rule_predict1=$(echo $rule_predict | sed 's/=/%3D/g')
+        rlAssertGrep "predicate=$rule_predict1" "$admin_out"
+        rlAssertGrep "enable=$rule_enable" "$admin_out"
+        rlAssertGrep "mapper=$rule_mapper" "$admin_out"
+        rlAssertGrep "publisher=$rule_publisher" "$admin_out"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_032 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher >> $admin_out" 0 "Delete publishing rule $rule_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_032"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_add_publishing_rule_type_crl-033:CA - Admin Interface - Add publishing rule - type crl"
+        local admin_out="$TmpDir/admin_out_addpubrulecrl"
+	header_033="$TmpDir/ca_pub_033.txt"
+        rule_id="rule37"
+        rule_predicate="issuingPointId==MasterCRL"
+        rule_enable="true"
+        rule_type="crl"
+        rule_publisher="LdapCrlPublisher"
+        rule_mapper="LdapCrlMap"
+        rlLog "Add publishing rule - type cacert"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_033 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_ADD&OP_SCOPE=ruleRules&RS_ID=$rule_id&RULENAME=$rule_id&implName=Rule&predicate=$rule_predicate&enable=$rule_enable&type=$rule_type&publisher=$rule_publisher&mapper=$rule_mapper&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Add publishing rule - type crl"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_033"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_033 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read publishing rule $rule_id"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_033"
+        rlAssertGrep "implName=Rule" "$admin_out"
+        rlAssertGrep "type=$rule_type" "$admin_out"
+        rule_predict1=$(echo $rule_predict | sed 's/=/%3D/g')
+        rlAssertGrep "predicate=$rule_predict1" "$admin_out"
+        rlAssertGrep "enable=$rule_enable" "$admin_out"
+        rlAssertGrep "mapper=$rule_mapper" "$admin_out"
+        rlAssertGrep "publisher=$rule_publisher" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_read_publishing_rule-034:CA - Admin Interface - Read publishing rule"
+        local admin_out="$TmpDir/admin_out_readpubrule"
+	header_034="$TmpDir/ca_pub_034.txt"
+	rlLog "Read publishing rule"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_034 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read publishing rule $rule_id"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_034"
+        rlAssertGrep "implName=Rule" "$admin_out"
+        rlAssertGrep "type=$rule_type" "$admin_out"
+        rule_predict1=$(echo $rule_predict | sed 's/=/%3D/g')
+        rlAssertGrep "predicate=$rule_predict1" "$admin_out"
+        rlAssertGrep "enable=$rule_enable" "$admin_out"
+        rlAssertGrep "mapper=$rule_mapper" "$admin_out"
+        rlAssertGrep "publisher=$rule_publisher" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_delete_publishing_rule-035:CA - Admin Interface - Delete publishing rule"
+        local admin_out="$TmpDir/admin_out_deletepubrule"
+	header_035="$TmpDir/ca_pub_035.txt"
+	rlLog "Delete publishing rule"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_035 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_DELETE&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Delete publishing rule $rule_id"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_035"
+	
+	rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_035 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_READ&OP_SCOPE=ruleRules&RS_ID=$rule_id&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Read publishing rule $rule_id"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_035"
+	rlAssertNotGrep "implName=Rule" "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartTest "pki_console_disable_publishing-036:CA - Admin Interface - Disable Publishing"
+        local admin_out="$TmpDir/admin_out_disablepub"
+	header_036="$TmpDir/ca_pub_036.txt"
+        rlLog "Disable Publishing"
+        rlRun "curl --capath "$CERTDB_DIR" --basic \
+		--dump-header  $header_036 \
+		--user "$valid_admin_user:$valid_admin_user_password" \
+                -d \"OP_TYPE=OP_PROCESS&OP_SCOPE=ldap&RS_ID=RS_ID_CONFIG&publishingEnable=false&enable=false&\" \
+                -k https://$tmp_ca_host:$target_secure_port/ca/capublisher > $admin_out" 0 "Disable Publishing"
+        rlRun "process_curl_output $admin_out" 0 "Process curl output file"
+	rlAssertGrep "HTTP/1.1 200 OK" "$header_036"
+        rlAssertGrep "stopped=Publishingisstopped." "$admin_out"
+        rlPhaseEnd
+
+	rlPhaseStartSetup "pki_console_crlip_cleanup"
+	#Delete temporary directory
+        rlRun "popd"
+        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
+        rlPhaseEnd
+}
+
+process_curl_output()
+{
+	output_file=$1
+	sed -i "s/\&/\n&/g" $output_file
+        sed -i "s/+//g"  $output_file
+        sed -i "s/^&//g" $output_file
+        sed -i "s/%3A/":"/g" $output_file
+        sed -i "s/%3B/":"/g" $output_file
+}
diff --git a/tests/dogtag/runtest.sh b/tests/dogtag/runtest.sh
index 8aeb32f01..fa1977120 100755
--- a/tests/dogtag/runtest.sh
+++ b/tests/dogtag/runtest.sh
@@ -178,6 +178,12 @@
 . ./acceptance/cli-tests/pki-ca-profile-cli/pki-ca-profile-cli-mod.sh
 . ./acceptance/legacy/ca-tests/usergroups/pki-ca-usergroups.sh
 . ./acceptance/legacy/ca-tests/profiles/ca-profile.sh
+. ./acceptance/legacy/ca_tests/internaldb/ca-admin-internaldb.sh
+. ./acceptance/legacy/ca_tests/acls/ca-admin-acl.sh
+. ./acceptance/legacy/ca_tests/authplugin/ca-admin-authplugins.sh
+. ./acceptance/legacy/ca-tests/crlissuingpoints/ca-admin-crlissuingpoints.sh
+. ./acceptance/legacy/ca-tests/crls/ca-agent-crls.sh
+. ./acceptance/legacy/ca-tests/publishing/ca-admin-publishing.sh
 . ./acceptance/install-tests/ca-installer.sh
 . ./acceptance/install-tests/kra-installer.sh
 . ./acceptance/install-tests/ocsp-installer.sh
@@ -1419,6 +1425,12 @@ rlJournalStart
                   subsystemType=ca
                   run_pki-legacy-ca-usergroup_tests $subsystemId $subsystemType $MYROLE
                   run_admin-ca-log_tests $subsystemType $MYROLE
+		  run_admin-ca-acl_tests $subsystemType $MYROLE
+		  run_admin-ca-intdb_tests $subsystemType $MYROLE
+		  run_admin-ca-authplugin_tests $subsystemType $MYROLE
+		  run_admin-ca-crlissuingpoints_tests $subsystemType $MYROLE
+		  run_agent-ca-crls_tests $subsystemType $MYROLE
+		  run_admin-ca-publishing_tests $subsystemType $MYROLE
         fi
 
         PKI_LEGACY_CA_USERGROUP_UPPERCASE=$(echo $PKI_LEGACY_CA_USERGROUP | tr [a-z] [A-Z])
@@ -1435,6 +1447,40 @@ rlJournalStart
 		subsystemType=ca
 		run_admin-ca-log_tests $subsystemType $MYROLE
 	fi
+	PKI_LEGACY_CA_ACLS_UPPERCASE=$(echo $PKI_LEGACY_CA_ACLS | tr [a-z] [A-Z])
+        if [ "$PKI_LEGACY_CA_ACLS_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ]; then
+                subsystemType=ca
+                run_admin-ca-acl_tests $subsystemType $MYROLE
+        fi
+        PKI_LEGACY_CA_INTERNALDB_UPPERCASE=$(echo $PKI_LEGACY_CA_INTERNALDB | tr [a-z] [A-Z])
+        if [ "$PKI_LEGACY_CA_INTERNALDB_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ]; then
+                subsystemType=ca
+                run_admin-ca-intdb_tests $subsystemType $MYROLE
+        fi
+        PKI_LEGACY_CA_AUTHPLUGIN_UPPERCASE=$(echo $PKI_LEGACY_CA_AUTHPLUGIN | tr [a-z] [A-Z])
+        if [ "$PKI_LEGACY_CA_AUTHPLUGIN_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ]; then
+                subsystemType=ca
+                run_admin-ca-authplugin_tests $subsystemType $MYROLE
+        fi
+	PKI_LEGACY_CA_CRLISSUINGPOINT_UPPERCASE=$(echo $PKI_LEGACY_CA_CRLISSUINGPOINT | tr [a-z] [A-Z])
+        if [ "$PKI_LEGACY_CA_CRLISSUINGPOINT_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ]; then
+                subsystemType=ca
+                run_admin-ca-crlissuingpoints_tests $subsystemType $MYROLE
+        fi
+        rlPhaseEnd
+
+        PKI_LEGACY_CA_AGENT_CRL_UPPERCASE=$(echo $PKI_LEGACY_CA_AGENT_CRL | tr [a-z] [A-Z])
+        if [ "$PKI_LEGACY_CA_AGENT_CRL_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ]; then
+                subsystemType=ca
+                run_agent-ca-crls_tests $subsystemType $MYROLE
+        fi
+        rlPhaseEnd
+
+        PKI_LEGACY_CA_ADMIN_PUBLISHING_UPPERCASE=$(echo $PKI_LEGACY_CA_ADMIN_PUBLISHING | tr [a-z] [A-Z])
+        if [ "$PKI_LEGACY_CA_ADMIN_PUBLISHING_UPPERCASE" = "TRUE" ] || [ "$TEST_ALL_UPPERCASE" = "TRUE" ]; then
+                subsystemType=ca
+                run_admin-ca-publishing_tests $subsystemType $MYROLE
+        fi
         rlPhaseEnd
 
 	######## INSTALL TESTS ############