summaryrefslogtreecommitdiffstats
path: root/base/deploy/src
diff options
context:
space:
mode:
Diffstat (limited to 'base/deploy/src')
-rwxr-xr-xbase/deploy/src/pkidestroy26
-rwxr-xr-xbase/deploy/src/pkispawn28
-rw-r--r--base/deploy/src/scriptlets/infrastructure_layout.py16
-rw-r--r--base/deploy/src/scriptlets/initialization.py3
-rw-r--r--base/deploy/src/scriptlets/pkiconfig.py4
-rw-r--r--base/deploy/src/scriptlets/pkijython.py23
-rw-r--r--base/deploy/src/scriptlets/pkimessages.py10
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py94
8 files changed, 115 insertions, 89 deletions
diff --git a/base/deploy/src/pkidestroy b/base/deploy/src/pkidestroy
index 5faa97cee..304b0bd0c 100755
--- a/base/deploy/src/pkidestroy
+++ b/base/deploy/src/pkidestroy
@@ -83,9 +83,11 @@ def main(argv):
config.pki_dns_domainname = subprocess.check_output("domainname",
shell=True)
config.pki_dns_domainname = config.pki_dns_domainname.rstrip('\n')
+ if not len(config.pki_dns_domainname):
+ print log.PKI_DNS_DOMAIN_NOT_SET
+ sys.exit(1)
except subprocess.CalledProcessError as exc:
- config.pki_log.error(log.PKI_SUBPROCESS_ERROR_1, exc,
- extra=config.PKI_INDENTATION_LEVEL_0)
+ print log.PKI_SUBPROCESS_ERROR_1 % exc
sys.exit(1)
# Initialize 'pretty print' for objects
@@ -97,7 +99,7 @@ def main(argv):
# Enable 'pkidestroy' logging.
if not config.pki_dry_run_flag:
config.pki_log_dir = config.pki_root_prefix +\
- "/var/log"
+ config.PKI_DEPLOYMENT_LOG_ROOT
config.pki_log_name = "pki" + "-" +\
config.pki_subsystem.lower() +\
"-" + "destroy" + "." +\
@@ -124,14 +126,6 @@ def main(argv):
sys.exit(1)
else:
# NEVER print out 'sensitive' name/value pairs!!!
- config.pki_log.debug(log.PKI_DICTIONARY_MANDATORY,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_mandatory_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(log.PKI_DICTIONARY_OPTIONAL,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_optional_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_COMMON,
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(pp.pformat(config.pki_common_dict),
@@ -147,7 +141,7 @@ def main(argv):
# Override PKI configuration file values with 'custom' command-line values.
if not config.custom_pki_admin_domain_name is None:
- config.pki_optional_dict['pki_admin_domain_name'] =\
+ config.pki_common_dict['pki_admin_domain_name'] =\
config.custom_pki_admin_domain_name
if not config.custom_pki_instance_name is None:
config.pki_web_server_dict['pki_instance_name'] =\
@@ -162,14 +156,6 @@ def main(argv):
config.pki_web_server_dict['pki_ajp_port'] =\
config.custom_pki_ajp_port
# NEVER print out 'sensitive' name/value pairs!!!
- config.pki_log.debug(log.PKI_DICTIONARY_MANDATORY,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_mandatory_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(log.PKI_DICTIONARY_OPTIONAL,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_optional_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_COMMON,
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(pp.pformat(config.pki_common_dict),
diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn
index 931b9baf0..6f32d08d0 100755
--- a/base/deploy/src/pkispawn
+++ b/base/deploy/src/pkispawn
@@ -83,9 +83,11 @@ def main(argv):
config.pki_dns_domainname = subprocess.check_output("domainname",
shell=True)
config.pki_dns_domainname = config.pki_dns_domainname.rstrip('\n')
+ if not len(config.pki_dns_domainname):
+ print log.PKI_DNS_DOMAIN_NOT_SET
+ sys.exit(1)
except subprocess.CalledProcessError as exc:
- config.pki_log.error(log.PKI_SUBPROCESS_ERROR_1, exc,
- extra=config.PKI_INDENTATION_LEVEL_0)
+ print log.PKI_SUBPROCESS_ERROR_1 % exc
sys.exit(1)
# Generate random 'pin's for use as security database passwords
@@ -110,7 +112,7 @@ def main(argv):
if not config.pki_update_flag:
if not config.pki_dry_run_flag:
config.pki_log_dir = config.pki_root_prefix +\
- "/var/log"
+ config.PKI_DEPLOYMENT_LOG_ROOT
config.pki_log_name = "pki" + "-" +\
config.pki_subsystem.lower() +\
"-" + "spawn" + "." +\
@@ -126,7 +128,7 @@ def main(argv):
else:
if not config.pki_dry_run_flag:
config.pki_log_dir = config.pki_root_prefix +\
- "/var/log"
+ config.PKI_DEPLOYMENT_LOG_ROOT
config.pki_log_name = "pki" + "-" +\
config.pki_subsystem.lower() +\
"-" + "respawn" + "." +\
@@ -153,14 +155,6 @@ def main(argv):
sys.exit(1)
else:
# NEVER print out 'sensitive' name/value pairs!!!
- config.pki_log.debug(log.PKI_DICTIONARY_MANDATORY,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_mandatory_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(log.PKI_DICTIONARY_OPTIONAL,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_optional_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_COMMON,
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(pp.pformat(config.pki_common_dict),
@@ -176,7 +170,7 @@ def main(argv):
# Override PKI configuration file values with 'custom' command-line values.
if not config.custom_pki_admin_domain_name is None:
- config.pki_optional_dict['pki_admin_domain_name'] =\
+ config.pki_common_dict['pki_admin_domain_name'] =\
config.custom_pki_admin_domain_name
if not config.custom_pki_instance_name is None:
config.pki_web_server_dict['pki_instance_name'] =\
@@ -191,14 +185,6 @@ def main(argv):
config.pki_web_server_dict['pki_ajp_port'] =\
config.custom_pki_ajp_port
# NEVER print out 'sensitive' name/value pairs!!!
- config.pki_log.debug(log.PKI_DICTIONARY_MANDATORY,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_mandatory_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(log.PKI_DICTIONARY_OPTIONAL,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pp.pformat(config.pki_optional_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(log.PKI_DICTIONARY_COMMON,
extra=config.PKI_INDENTATION_LEVEL_0)
config.pki_log.debug(pp.pformat(config.pki_common_dict),
diff --git a/base/deploy/src/scriptlets/infrastructure_layout.py b/base/deploy/src/scriptlets/infrastructure_layout.py
index 471739700..d5ce233c6 100644
--- a/base/deploy/src/scriptlets/infrastructure_layout.py
+++ b/base/deploy/src/scriptlets/infrastructure_layout.py
@@ -36,8 +36,10 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
extra=config.PKI_INDENTATION_LEVEL_1)
# establish top-level infrastructure base
util.directory.create(master['pki_path'])
- # establish top-level infrastructure logs
- util.directory.create(master['pki_log_path'])
+ # no need to establish top-level infrastructure logs
+ # since it now stores 'pkispawn'/'pkidestroy' logs
+ # and will already exist
+ # util.directory.create(master['pki_log_path'])
# establish top-level infrastructure configuration
if master['pki_configuration_path'] !=\
config.PKI_DEPLOYMENT_CONFIGURATION_ROOT:
@@ -70,8 +72,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.instance.pki_subsystem_instances() == 0:
# remove top-level infrastructure base
util.directory.delete(master['pki_path'])
- # remove top-level infrastructure logs
- util.directory.delete(master['pki_log_path'])
+ # do NOT remove top-level infrastructure logs
+ # since it now stores 'pkispawn'/'pkidestroy' logs
+ # util.directory.delete(master['pki_log_path'])
# remove top-level infrastructure configuration
if util.directory.is_empty(master['pki_configuration_path'])\
and master['pki_configuration_path'] !=\
@@ -89,8 +92,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.instance.pki_subsystem_instances() == 1:
# remove top-level infrastructure base
util.directory.delete(master['pki_path'])
- # remove top-level infrastructure logs
- util.directory.delete(master['pki_log_path'])
+ # do NOT remove top-level infrastructure logs
+ # since it now stores 'pkispawn'/'pkidestroy' logs
+ # util.directory.delete(master['pki_log_path'])
# remove top-level infrastructure configuration
if util.directory.is_empty(master['pki_configuration_path'])\
and master['pki_configuration_path'] !=\
diff --git a/base/deploy/src/scriptlets/initialization.py b/base/deploy/src/scriptlets/initialization.py
index 1ff8522ed..cc516532e 100644
--- a/base/deploy/src/scriptlets/initialization.py
+++ b/base/deploy/src/scriptlets/initialization.py
@@ -46,8 +46,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
# establish 'uid' and 'gid'
util.identity.set_uid(master['pki_user'])
util.identity.set_gid(master['pki_group'])
- # verify existence of MANDATORY configuration file data
+ # verify existence of SENSITIVE configuration file data
util.configuration_file.verify_sensitive_data()
+ # verify existence of MUTUALLY EXCLUSIVE configuration file data
util.configuration_file.verify_mutually_exclusive_data()
return self.rv
diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py
index 59526e667..fc8ddac90 100644
--- a/base/deploy/src/scriptlets/pkiconfig.py
+++ b/base/deploy/src/scriptlets/pkiconfig.py
@@ -100,9 +100,9 @@ pki_one_time_pin = None
# PKI Deployment "Mandatory" Command-Line Variables
pki_subsystem = None
+pkideployment_cfg = "/usr/share/pki/deployment/config/pkideployment.cfg"
# PKI Deployment "Optional" Command-Line Variables
-pkideployment_cfg = "/usr/share/pki/deployment/config/pkideployment.cfg"
pki_dry_run_flag = False
pki_root_prefix = None
pki_update_flag = False
@@ -168,8 +168,6 @@ pki_console_log_level = None
# PKI Deployment Global Dictionaries
pki_sensitive_dict = None
-pki_mandatory_dict = None
-pki_optional_dict = None
pki_common_dict = None
pki_web_server_dict = None
pki_subsystem_dict = None
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index 7856ba8c1..b55c9ecec 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -299,65 +299,52 @@ class rest_client:
data.setPin(master['pki_one_time_pin'])
data.setToken(ConfigurationData.TOKEN_DEFAULT)
if master['pki_instance_type'] == "Tomcat":
+ data.setSubsystemName(master['pki_subsystem_name'])
if master['pki_subsystem'] == "CA":
if config.str2bool(master['pki_clone']):
# Cloned CA
data.setHierarchy("root")
data.setIsClone("true")
- data.setSubsystemName("Cloned CA Subsystem")
elif config.str2bool(master['pki_external']):
# External CA
data.setHierarchy("join")
data.setIsClone("false")
- data.setSubsystemName("External CA Subsystem")
elif config.str2bool(master['pki_subordinate']):
# Subordinate CA
data.setHierarchy("join")
data.setIsClone("false")
- data.setSubsystemName("Subordinate CA Subsystem")
else:
# PKI CA
data.setHierarchy("root")
data.setIsClone("false")
- data.setSubsystemName("PKI CA Subsystem")
elif master['pki_subsystem'] == "KRA":
if config.str2bool(master['pki_clone']):
# Cloned KRA
data.setIsClone("true")
- data.setSubsystemName("Cloned KRA Subsystem")
else:
# PKI KRA
data.setIsClone("false")
- data.setSubsystemName("PKI KRA Subsystem")
elif master['pki_subsystem'] == "OCSP":
if config.str2bool(master['pki_clone']):
# Cloned OCSP
data.setIsClone("true")
- data.setSubsystemName("Cloned OCSP Subsystem")
else:
# PKI OCSP
data.setIsClone("false")
- data.setSubsystemName("PKI OCSP Subsystem")
elif master['pki_subsystem'] == "TKS":
if config.str2bool(master['pki_clone']):
# Cloned TKS
data.setIsClone("true")
- data.setSubsystemName("Cloned TKS Subsystem")
else:
# PKI TKS
data.setIsClone("false")
- data.setSubsystemName("PKI TKS Subsystem")
# Security Domain Information
+ #
+ # NOTE: External CA's DO NOT require a security domain
if master['pki_instance_type'] == "Tomcat":
if master['pki_subsystem'] == "CA":
- if config.str2bool(master['pki_external']):
- # External CA
- data.setSecurityDomainType(
- ConfigurationData.NEW_DOMAIN)
- data.setSecurityDomainName(
- master['pki_security_domain_name'])
- elif not config.str2bool(master['pki_clone']) and\
- not config.str2bool(master['pki_subordinate']):
+ if not config.str2bool(master['pki_clone']) and\
+ not config.str2bool(master['pki_subordinate']):
# PKI CA
data.setSecurityDomainType(
ConfigurationData.NEW_DOMAIN)
diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py
index 58b09dca3..d1326edb3 100644
--- a/base/deploy/src/scriptlets/pkimessages.py
+++ b/base/deploy/src/scriptlets/pkimessages.py
@@ -20,14 +20,6 @@
#
# PKI Deployment Engine Messages
-PKI_DICTIONARY_MANDATORY ="\n"\
-"=====================================================\n"\
-" DISPLAY CONTENTS OF PKI MANDATORY DICTIONARY\n"\
-"====================================================="
-PKI_DICTIONARY_OPTIONAL ="\n"\
-"=====================================================\n"\
-" DISPLAY CONTENTS OF PKI OPTIONAL DICTIONARY\n"\
-"====================================================="
PKI_DICTIONARY_COMMON ="\n"\
"=====================================================\n"\
" DISPLAY CONTENTS OF PKI COMMON DICTIONARY\n"\
@@ -80,6 +72,8 @@ PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1 = "Directory '%s' already "\
"directory!"
PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 = "Directory '%s' is either "\
"missing or is NOT a directory!"
+PKI_DNS_DOMAIN_NOT_SET = "A valid DNS domain name MUST be established "\
+ "to use PKI services!"
PKI_FILE_ALREADY_EXISTS_1 = "File '%s' already exists!"
PKI_FILE_ALREADY_EXISTS_NOT_A_FILE_1 = "File '%s' already "\
"exists BUT it is NOT a "\
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 6c4574add..e824c8ac9 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -261,8 +261,6 @@ def read_pki_configuration_file():
parser.optionxform = str
parser.read(config.pkideployment_cfg)
config.pki_sensitive_dict = dict(parser._sections['Sensitive'])
- config.pki_mandatory_dict = dict(parser._sections['Mandatory'])
- config.pki_optional_dict = dict(parser._sections['Optional'])
config.pki_common_dict = dict(parser._sections['Common'])
if config.pki_subsystem == "CA":
config.pki_web_server_dict = dict(parser._sections['Tomcat'])
@@ -284,8 +282,6 @@ def read_pki_configuration_file():
config.pki_subsystem_dict = dict(parser._sections['TPS'])
# Insert empty record into dictionaries for "pretty print" statements
# NEVER print "sensitive" key value pairs!!!
- config.pki_mandatory_dict[0] = None
- config.pki_optional_dict[0] = None
config.pki_common_dict[0] = None
config.pki_web_server_dict[0] = None
config.pki_subsystem_dict[0] = None
@@ -316,8 +312,6 @@ def compose_pki_master_dictionary():
config.pki_master_dict['pki_deployment_cfg'] = config.pkideployment_cfg
# Configuration file name/value pairs
# NEVER add "sensitive" key value pairs to the master dictionary!!!
- config.pki_master_dict.update(config.pki_mandatory_dict)
- config.pki_master_dict.update(config.pki_optional_dict)
config.pki_master_dict.update(config.pki_common_dict)
config.pki_master_dict.update(config.pki_web_server_dict)
config.pki_master_dict.update(config.pki_subsystem_dict)
@@ -1435,6 +1429,7 @@ def compose_pki_master_dictionary():
config.pki_master_dict['pki_subsystem'].lower() + "/" + "pki"
# Jython scriptlet
# 'Security Domain' Configuration name/value pairs
+ # 'Subsystem Name' Configuration name/value pairs
#
# Apache - [RA], [TPS]
# Tomcat - [CA], [KRA], [OCSP], [TKS]
@@ -1459,16 +1454,19 @@ def compose_pki_master_dictionary():
#
# config.pki_master_dict['pki_security_domain_hostname']
# config.pki_master_dict['pki_security_domain_name']
+ # config.pki_master_dict['pki_subsystem_name']
#
if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
if config.pki_subsystem == "CA":
if config.str2bool(config.pki_master_dict['pki_external']):
# External CA
- config.pki_master_dict['pki_security_domain_type'] = "new"
- if not len(config.pki_master_dict\
- ['pki_security_domain_name']):
- config.pki_master_dict['pki_security_domain_name'] =\
- "External CA Security Domain"
+ #
+ # NOTE: External CA's DO NOT require a security domain
+ if not len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "External CA" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
elif not config.str2bool(config.pki_master_dict['pki_clone'])\
and not\
config.str2bool(config.pki_master_dict['pki_subordinate']):
@@ -1479,6 +1477,11 @@ def compose_pki_master_dictionary():
config.pki_master_dict['pki_security_domain_name'] =\
config.pki_master_dict['pki_dns_domainname'] +\
" " + "Security Domain"
+ if not len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "PKI CA" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
else:
# PKI Cloned or Subordinate CA
config.pki_master_dict['pki_security_domain_type'] =\
@@ -1492,8 +1495,24 @@ def compose_pki_master_dictionary():
"https" + "://" +\
config.pki_master_dict['pki_security_domain_hostname']\
+ ":" + config.pki_security_domain_https_port
+ if config.str2bool(config.pki_master_dict['pki_clone']):
+ # Cloned CA
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "Cloned CA" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
+ else:
+ # Subordinate CA
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "Subordinate CA" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
else:
- # PKI KRA, OCSP, or TKS
+ # PKI or Cloned KRA, OCSP, or TKS
config.pki_master_dict['pki_security_domain_type'] = "existing"
if not len(config.pki_master_dict\
['pki_security_domain_hostname']):
@@ -1505,6 +1524,57 @@ def compose_pki_master_dictionary():
config.pki_master_dict['pki_security_domain_hostname'] +\
":" +\
config.pki_master_dict['pki_security_domain_https_port']
+ if config.pki_subsystem == "KRA":
+ if config.str2bool(config.pki_master_dict['pki_clone']):
+ # Cloned KRA
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "Cloned KRA" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
+ else:
+ # PKI KRA
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "PKI KRA" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
+ elif config.pki_subsystem == "OCSP":
+ if config.str2bool(config.pki_master_dict['pki_clone']):
+ # Cloned OCSP
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "Cloned OCSP" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
+ else:
+ # PKI OCSP
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "PKI OCSP" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
+ elif config.pki_subsystem == "TKS":
+ if config.str2bool(config.pki_master_dict['pki_clone']):
+ # Cloned TKS
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "Cloned TKS" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
+ else:
+ # PKI TKS
+ if not\
+ len(config.pki_master_dict['pki_subsystem_name']):
+ config.pki_master_dict['pki_subsystem_name'] =\
+ "PKI TKS" + " " +\
+ config.pki_master_dict['pki_hostname'] + " " +\
+ config.pki_master_dict['pki_https_port']
# Jython scriptlet
# 'Directory Server' Configuration name/value pairs
#