diff options
| -rw-r--r-- | base/java-tools/man/man1/pki-user-cert.1 | 8 | ||||
| -rw-r--r-- | base/java-tools/man/man1/pki-user-membership.1 | 84 | ||||
| -rw-r--r-- | base/java-tools/man/man1/pki.1 | 6 | ||||
| -rw-r--r-- | base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java | 12 | ||||
| -rw-r--r-- | specs/pki-core.spec | 1 |
5 files changed, 5 insertions, 106 deletions
diff --git a/base/java-tools/man/man1/pki-user-cert.1 b/base/java-tools/man/man1/pki-user-cert.1 index 4ecc45090..77a6c2bc7 100644 --- a/base/java-tools/man/man1/pki-user-cert.1 +++ b/base/java-tools/man/man1/pki-user-cert.1 @@ -77,19 +77,19 @@ The above command will return entries #20 to #29. To view a certificate owned by a CA user, specify the user ID and the certificate ID in the following command: -.B pki <CA admin authentication> ca-user-cert-show testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq +.B pki <CA admin authentication> ca-user-show testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq To add a certificate to a CA user from a file, specify the user ID and the input file: -.B pki <CA admin authentication> ca-user-cert-add testuser --input testuser.crt +.B pki <CA admin authentication> ca-user-add testuser --input testuser.crt To add a certificate to a CA user from the certificate repository, specify the user ID and the serial number: -.B pki <CA admin authentication> ca-user-cert-add testuser --serial 0x80 +.B pki <CA admin authentication> ca-user-add testuser --serial 0x80 To delete a certificate from a CA user, specify the user ID and the certificate ID in the following command: -.B pki <CA admin authentication> ca-user-cert-del testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq +.B pki <CA admin authentication> ca-user-del testuser \*(lq2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser\*(rq .SH AUTHORS Endi S. Dewata <edewata@redhat.com>. diff --git a/base/java-tools/man/man1/pki-user-membership.1 b/base/java-tools/man/man1/pki-user-membership.1 deleted file mode 100644 index 7f6c1986b..000000000 --- a/base/java-tools/man/man1/pki-user-membership.1 +++ /dev/null @@ -1,84 +0,0 @@ -.\" First parameter, NAME, should be all caps -.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection -.\" other parameters are allowed: see man(7), man(1) -.TH pki-user-membership 1 "Aug 24, 2015" "version 10.2" "PKI User Membership Management Commands" Dogtag Team -.\" Please adjust this date whenever revising the man page. -.\" -.\" Some roff macros, for reference: -.\" .nh disable hyphenation -.\" .hy enable hyphenation -.\" .ad l left justify -.\" .ad b justify to both left and right margins -.\" .nf disable filling -.\" .fi enable filling -.\" .br insert line break -.\" .sp <n> insert n+1 empty lines -.\" for man page specific macros, see man(7) -.SH NAME -pki-user-membership \- Command-Line Interface for managing Certificate System user memberships. - -.SH SYNOPSIS -.nf -\fBpki\fR [CLI options] \fB<subsystem>-user-membership\fR -\fBpki\fR [CLI options] \fB<subsystem>-user-membership-find\fR <user ID> [command options] -\fBpki\fR [CLI options] \fB<subsystem>-user-membership-add\fR <user ID> <group ID> [command options] -\fBpki\fR [CLI options] \fB<subsystem>-user-membership-del\fR <user ID> <group ID> [command options] -.fi - -.SH DESCRIPTION -.PP -The \fBpki-user-membership\fR commands provide command-line interfaces to manage user memberships on the specified subsystem. -.PP -Valid subsystems are \fBca\fR, \fBkra\fR, \fBocsp\fR, \fBtks\fR, and \fBtps\fR. If the \fB<subsystem>-\fR prefix is omitted, it will default to \fBca\fR. -.PP -\fBpki\fR [CLI options] \fB<subsystem>-user-membership\fR -.RS 4 -This command is to list available user membership commands for the subsystem. -.RE -.PP -\fBpki\fR [CLI options] \fB<subsystem>-user-membership-find\fR <user ID> [command options] -.RS 4 -This command is to list groups in which the subsystem user is a member. -.RE -.PP -\fBpki\fR [CLI options] \fB<subsystem>-user-membership-add\fR <user ID> <group ID> [command options] -.RS 4 -This command is to add the subsystem user into a group. -.RE -.PP -\fBpki\fR [CLI options] \fB<subsystem>-user-membership-del\fR <user ID> <group ID> [command options] -.RS 4 -This command is to delete the subsystem user from a group. -.RE - -.SH OPTIONS -The CLI options are described in \fBpki\fR(1). - -.SH OPERATIONS -To view available user membership commands, type \fBpki <subsystem>-user-membership\fP. To view each command's usage, type \fB pki <subsystem>-user-membership-<command> \-\-help\fP. - -All user membership commands must be executed as the subsystem administrator. - -For example, to list groups in which a CA user is a member execute the following command: - -.B pki <CA admin authentication> ca-user-membership-find testuser - -The results can be paged by specifying the (0-based) index of the first entry to return and the maximum number of entries returned: - -.B pki <CA admin authentication> ca-user-membership-find testuser --start 20 --size 10 - -The above command will return entries #20 to #29. - -To add a CA user into a group, specify the user ID and the group ID in the following command: - -.B pki <CA admin authentication> ca-user-membership-add testuser Administrators - -To delete a CA user from a group, specify the user ID and the group ID in the following command: - -.B pki <CA admin authentication> ca-user-membership-del testuser Administrators - -.SH AUTHORS -Endi S. Dewata <edewata@redhat.com>. - -.SH COPYRIGHT -Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU General Public License, version 2 (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1 index 60c19f4dd..3de8f6e92 100644 --- a/base/java-tools/man/man1/pki.1 +++ b/base/java-tools/man/man1/pki.1 @@ -304,12 +304,6 @@ User certificate management commands .RE .PP -\fBpki-user-membership\fR(1) -.RS 4 -User membership management commands -.RE - -.PP \fBpki-ca-profile\fR(1) .RS 4 Profile management commands diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java index 637cfa394..14e8eadbf 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java @@ -3402,20 +3402,10 @@ public class TPSProcessor { byte protocol = oidSecureChannelProtocol.at(length - 2); byte implementation = oidSecureChannelProtocol.at(length - 1); - if (protocol == SecureChannel.SECURE_PROTO_03) { - throw new TPSException("TPSProcessor.gp211GetSecureChannelProtocolDetails: No support for SCP03 as of yet, bailing.", - TPSStatus.STATUS_ERROR_SECURE_CHANNEL); - } - platProtInfo.setProtocol(protocol); platProtInfo.setImplementation(implementation); platProtInfo.setKeysetInfoData(keyData); - - if (protocol == SecureChannel.SECURE_PROTO_02) - platProtInfo.setPlatform(SecureChannel.GP211); - else - platProtInfo.setPlatform(SecureChannel.GP201); - + platProtInfo.setPlatform(SecureChannel.GP211); CMS.debug("TPSProcessor.gp211GetSecureChannelProtocolDetails: protocol: " + protocol + " implementation: " + implementation + " keyInfoData: " + keyData.toHexString()); diff --git a/specs/pki-core.spec b/specs/pki-core.spec index 97dbe9235..15e8b040d 100644 --- a/specs/pki-core.spec +++ b/specs/pki-core.spec @@ -890,7 +890,6 @@ systemctl daemon-reload %{_mandir}/man1/pki-securitydomain.1.gz %{_mandir}/man1/pki-user.1.gz %{_mandir}/man1/pki-user-cert.1.gz -%{_mandir}/man1/pki-user-membership.1.gz %{_mandir}/man1/pki-ca-profile.1.gz %{_mandir}/man1/pki-tps-profile.1.gz |