diff options
Diffstat (limited to 'base/deploy')
-rw-r--r-- | base/deploy/etc/default.cfg | 61 | ||||
-rw-r--r-- | base/deploy/src/scriptlets/configuration.py | 2 | ||||
-rw-r--r-- | base/deploy/src/scriptlets/pkiconfig.py | 11 | ||||
-rw-r--r-- | base/deploy/src/scriptlets/pkiparser.py | 239 |
4 files changed, 63 insertions, 250 deletions
diff --git a/base/deploy/etc/default.cfg b/base/deploy/etc/default.cfg index ea9c95677..d619cdc94 100644 --- a/base/deploy/etc/default.cfg +++ b/base/deploy/etc/default.cfg @@ -117,10 +117,10 @@ pki_user=pkiuser # These are used in the processing of pkispawn and are not supposed # to be overwritten by user configuration files. # -pki_source_conf_path=/usr/share/pki/%{pki_subsystem_type}/conf +pki_source_conf_path=/usr/share/pki/%(pki_subsystem_type)s/conf pki_source_setup_path=/usr/share/pki/setup pki_source_server_path=/usr/share/pki/server/conf -pki_source_cs_cfg=/usr/share/pki/%{pki_subsystem_type}/conf/CS.cfg +pki_source_cs_cfg=/usr/share/pki/%(pki_subsystem_type)s/conf/CS.cfg pki_source_registry=/usr/share/pki/setup/pkidaemon_registry pki_path=%(pki_root_prefix)s/var/lib/pki pki_log_path=%(pki_root_prefix)s/var/log/pki @@ -129,6 +129,18 @@ pki_registry_path=%(pki_root_prefix)s/etc/sysconfig/pki pki_instance_path=%(pki_path)s/%(pki_instance_name)s pki_instance_log_path=%(pki_log_path)s/%(pki_instance_name)s pki_instance_configuration_path=%(pki_configuration_path)s/%(pki_instance_name)s +pki_database_path=%(pki_instance_configuration_path)s/alias +pki_instance_database_link=%(pki_instance_path)s/alias +pki_instance_conf_link=%(pki_instance_path)s/conf +pki_instance_logs_link=%(pki_instance_path)s/logs +pki_subsystem_path=%(pki_instance_path)s/%(pki_subsystem_type)s +pki_subsystem_log_path=%(pki_instance_log_path)s/%(pki_subsystem_type)s +pki_subsystem_archive_log_path=%(pki_subsystem_log_path)s/archive +pki_subsystem_configuration_path=%(pki_instance_configuration_path)s/%(pki_subsystem_type)s +pki_subsystem_database_link=%(pki_subsystem_path)s/alias +pki_subsystem_conf_link=%(pki_subsystem_path)s/conf +pki_subsystem_logs_link=%(pki_subsystem_path)s/logs +pki_subsystem_registry_link=%(pki_subsystem_path)s/registry ############################################################################### @@ -155,6 +167,7 @@ pki_cgroup_cpu_systemd_service=%(pki_cgroup_cpu_systemd_service_path)s/%(pki_sys pki_instance_type=Apache pki_instance_type_registry_path =%(pki_registry_path)s/apache pki_instance_registry_path=%(pki_instance_type_registry_path)s/%(pki_instance_name)s +pki_subsystem_registry_path=%(pki_instance_registry_path)s/%(pki_subsystem_type)s ############################################################################### ## Tomcat Configuration: ## @@ -216,22 +229,37 @@ pki_tomcat_webapps_path=%(pki_instance_path)s/webapps pki_tomcat_webapps_root_path=%(pki_tomcat_webapps_path)s/ROOT pki_tomcat_webapps_common_path=%(pki_tomcat_webapps_path)s/pki pki_tomcat_webapps_root_webinf_path=%(pki_tomcat_webapps_root_path)s/WEB-INF -pki_tomcat_work_path=%(pki_instance_path)/work +pki_tomcat_work_path=%(pki_instance_path)s/work pki_tomcat_work_catalina_path=%(pki_tomcat_work_path)s/Catalina pki_tomcat_work_catalina_host_path=%(pki_tomcat_work_catalina_path)s/localhost pki_tomcat_work_catalina_host_run_path=%(pki_tomcat_work_catalina_host_path)s/_ pki_tomcat_work_catalina_host_subsystem_path=%(pki_tomcat_work_catalina_host_path)s/%(pki_subsystem_type)s -pki_instance_conf_log4j_properties=%(pki_instance_configuration_path)/log4j.properties +pki_instance_conf_log4j_properties=%(pki_instance_configuration_path)s/log4j.properties pki_instance_type_registry_path=%(pki_registry_path)s/tomcat pki_instance_registry_path=%(pki_instance_type_registry_path)s/%(pki_instance_name)s +pki_subsystem_registry_path=%(pki_instance_registry_path)s/%(pki_subsystem_type)s pki_tomcat_bin_link=%(pki_instance_path)s/bin pki_instance_lib=%(pki_instance_path)s/lib -pki_instance_lib_log4j_properties=%(pki_instance_lib)/log4j.properties +pki_instance_lib_log4j_properties=%(pki_instance_lib)s/log4j.properties pki_instance_systemd_link=%(pki_instance_path)s/%(pki_instance_name)s +pki_subsystem_signed_audit_log_path=%(pki_subsystem_log_path)s/signedAudit +pki_subsystem_tomcat_webapps_link=%(pki_subsystem_path)s/webapps +pki_tomcat_webapps_subsystem_path=%(pki_tomcat_webapps_path)s/%(pki_subsystem_type)s +pki_tomcat_webapps_subsystem_webinf_classes_path=%(pki_tomcat_webapps_subsystem_path)s/WEB-INF/classes +pki_tomcat_webapps_subsystem_webinf_lib_path=%(pki_tomcat_webapps_subsystem_path)s/WEB-INF/lib +pki_certsrv_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-certsrv.jar +pki_cmsbundle_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-cmsbundle.jar +pki_cmscore_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-cmscore.jar +pki_cms_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-cms.jar +pki_cmsutil_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-cmsutil.jar +pki_nsutil_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-nsutil.jar + # JAR paths # These are used in the processing of pkispawn and are not supposed # to be overwritten by user configuration files +pki_jss_jar=%(arch_java_lib)s/jss4.jar +pki_symkey_jar=%(arch_java_lib)s/symkey.jar pki_apache_commons_collections_jar=/usr/share/java/apache-commons-collections.jar pki_apache_commons_lang_jar=/usr/share/java/apache-commons-lang.jar pki_apache_commons_logging_jar=/usr/share/java/apache-commons-logging.jar @@ -250,7 +278,7 @@ pki_resteasy_jaxrs_api_jar=%(resteasy_lib)s/jaxrs-api.jar pki_nsutil=/usr/share/java/pki/pki-nsutil.jar pki_tomcat_jar=/usr/share/java/pki/pki-tomcat.jar pki_resteasy_atom_provider_jar=%(resteasy_lib)s/resteasy-atom-provider.jar -pki_resteasy_jaxb_provider_jar==%(resteasy_lib)s/resteasy-jaxb-provider.jar +pki_resteasy_jaxb_provider_jar=%(resteasy_lib)s/resteasy-jaxb-provider.jar pki_resteasy_jaxrs_jar=%(resteasy_lib)s/resteasy-jaxrs.jar pki_resteasy_jettison_provider_jar=%(resteasy_lib)s/resteasy-jettison-provider.jar pki_scannotation_jar=/usr/share/java/scannotation.jar @@ -274,7 +302,7 @@ pki_ldapjdk_jar_link=%(pki_tomcat_common_lib_path)s/ldapjdk.jar pki_tomcat_jar_link=%(pki_tomcat_common_lib_path)s/pki-tomcat.jar pki_resteasy_atom_provider_jar_link=%(pki_tomcat_common_lib_path)s/resteasy-atom-provider.jar pki_resteasy_jaxb_provider_jar_link=%(pki_tomcat_common_lib_path)s/resteasy-jaxb-provider.jar -pki_resteasy_jaxrs_jar_link==%(pki_tomcat_common_lib_path)s/resteasy-jaxrs.jar +pki_resteasy_jaxrs_jar_link=%(pki_tomcat_common_lib_path)s/resteasy-jaxrs.jar pki_resteasy_jettison_provider_jar_link=%(pki_tomcat_common_lib_path)s/resteasy-jettison-provider.jar pki_scannotation_jar_link=%(pki_tomcat_common_lib_path)s/scannotation.jar pki_tomcatjss_jar_link=%(pki_tomcat_common_lib_path)s/tomcatjss.jar @@ -282,6 +310,14 @@ pki_velocity_jar_link=%(pki_tomcat_common_lib_path)s/velocity.jar pki_xerces_j2_jar_link=%(pki_tomcat_common_lib_path)s/xerces-j2.jar pki_xml_commons_apis_jar_link=%(pki_tomcat_common_lib_path)s/xml-commons-apis.jar pki_xml_commons_resolver_jar_link=%(pki_tomcat_common_lib_path)s/xml-commons-resolver.jar +pki_ca_jar=/usr/share/java/pki/pki-ca.jar +pki_ca_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-ca.jar +pki_kra_jar=/usr/share/java/pki/pki-kra.jar +pki_kra_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-kra.jar +pki_ocsp_jar=/usr/share/java/pki/pki-ocsp.jar +pki_ocsp_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-ocsp.jar +pki_tks_jar=usr/share/java/pki/pki-tks.jar +pki_tks_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-tks.jar @@ -352,6 +388,10 @@ pki_source_cacert_profile=%(pki_source_conf_path)s/caCert.profile pki_source_caocspcert_profile=%(pki_source_conf_path)s/caOCSPCert.profile pki_source_servercert_profile=%(pki_source_conf_path)s/serverCert.profile pki_source_subsystemcert_profile=%(pki_source_conf_path)s/subsystemCert.profile +pki_subsystem_emails_path=%(pki_subsystem_path)s/emails +pki_subsystem_profiles_path=%(pki_subsystem_path)s/profiles + + ############################################################################### @@ -468,3 +508,10 @@ pki_subsystem_subject_dn=cn=TKS Subsystem Certificate,o=%(pki_security_domain_na ## required information which MAY be overridden by users as necessary. ## ############################################################################### [TPS] + +# Paths +# These are used in the processing of pkispawn and are not supposed +# to be overwritten by user configuration files. +# +pki_subsystem_signed_audit_log_path=%(pki_subsystem_log_path)s/signedAudit + diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py index d105590a2..248a43cf7 100644 --- a/base/deploy/src/scriptlets/configuration.py +++ b/base/deploy/src/scriptlets/configuration.py @@ -94,7 +94,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # Pass control to the Java servlet via Jython 2.2 'configuration.jy' util.jython.invoke( master['pki_jython_configuration_scriptlet'], - master['RESTEASY_LIB']) + master['resteasy_lib']) return self.rv def respawn(self): diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py index 7b20e474a..4a884617c 100644 --- a/base/deploy/src/scriptlets/pkiconfig.py +++ b/base/deploy/src/scriptlets/pkiconfig.py @@ -57,15 +57,8 @@ PKI_INDENTATION_LEVEL_4 = {'indent' : '............... '} PKI_DEPLOYMENT_INTERRUPT_BANNER = "-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+"\ "-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-" -PKI_DEPLOYMENT_JAR_SOURCE_ROOT = "/usr/share/java" -PKI_DEPLOYMENT_HTTPCOMPONENTS_JAR_SOURCE_ROOT = "/usr/share/java/httpcomponents" -PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT = "/usr/share/java/pki" PKI_DEPLOYMENT_SOURCE_ROOT = "/usr/share/pki" -PKI_DEPLOYMENT_SYSTEMD_ROOT = "/lib/systemd/system" -PKI_DEPLOYMENT_SYSTEMD_CONFIGURATION_ROOT = "/etc/systemd/system" -PKI_DEPLOYMENT_TOMCAT_ROOT = "/usr/share/tomcat" -PKI_DEPLOYMENT_TOMCAT_SYSTEMD = "/usr/sbin/tomcat-sysd" PKI_DEPLOYMENT_BASE_ROOT = "/var/lib/pki" # NOTE: Top-level "/etc/pki" is owned by the "filesystem" package! PKI_DEPLOYMENT_CONFIGURATION_ROOT = "/etc/pki" @@ -79,10 +72,6 @@ PKI_DEPLOYMENT_LOG_ROOT = "/var/log/pki" # the default 'instance' name may be overridden by the value specified # in the configuration file (the value in the default configuration file # should always match the 'default' instance name specified below). -PKI_DEPLOYMENT_REGISTRY_ROOT = "/etc/sysconfig/pki" -PKI_DEPLOYMENT_DEFAULT_ADMIN_DOMAIN_NAME = None -PKI_DEPLOYMENT_DEFAULT_APACHE_SERVICE_NAME = "apache" -PKI_DEPLOYMENT_DEFAULT_TOMCAT_SERVICE_NAME = "tomcat" PKI_DEPLOYMENT_DEFAULT_APACHE_INSTANCE_NAME = "pki-apache" PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME = "pki-tomcat" diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py index dfdbb13ec..8f351ac55 100644 --- a/base/deploy/src/scriptlets/pkiparser.py +++ b/base/deploy/src/scriptlets/pkiparser.py @@ -198,6 +198,12 @@ class PKIConfigParser: 'source /etc/pki/pki.conf && echo $RESTEASY_LIB', shell=True).strip() + # arch dependent libpath + if config.pki_architecture == 64: + arch_java_lib = '/usr/lib64/java' + else: + arch_java_lib = '/usr/lib/java' + predefined_dict = {'pki_instance_name': default_instance_name, 'pki_http_port': default_http_port, 'pki_https_port': default_https_port, @@ -205,7 +211,8 @@ class PKIConfigParser: 'pki_subsystem' : config.pki_subsystem, 'pki_subsystem_type': config.pki_subsystem.lower(), 'pki_root_prefix' : config.pki_root_prefix, - 'resteasy_lib', resteasy_lib, + 'resteasy_lib': resteasy_lib, + 'arch_java_lib': arch_java_lib, 'pki_hostname': config.pki_hostname} self.pki_config = ConfigParser.SafeConfigParser(predefined_dict) @@ -279,236 +286,6 @@ class PKIConfigParser: config.pki_master_dict.update(config.pki_subsystem_dict) config.pki_master_dict.update(__name__="PKI Master Dictionary") - # IMPORTANT: A "PKI instance" no longer corresponds to a single - # pki subystem, but rather to a unique - # "Tomcat web instance" or a unique "Apache web instance". - # - # A "Tomcat web instance" consists of a single process - # which may itself contain zero or one unique - # "CA" and/or "KRA" and/or "OCSP" and/or "TKS" - # pki subystems. Obviously, the "Tomcat web instance" - # must contain at least one of these four pki subystems. - # - # Similarly, an "Apache web instance" consists of a single - # process which may itself contain zero or one unique - # "RA" and/or "TPS" pki subsystems. Obviously, the - # "Apache web instance" must contain at least one of these - # two pki subystems. - # - # Optionally, to more clearly distinguish a "PKI instance", - # a common PKI "Admin Domain" may be used as a suffix to - # either an "Apache web instance", or a - # "Tomcat web instance". - # - # Thus, a specific "PKI instance" of a CA, KRA, OCSP, - # or TKS subystem must be referenced via the name of - # the particular PKI "Tomcat web instance" containing - # this PKI subsystem optionally followed by a - # specified PKI "Admin Domain" separated via a ".". - # - # Likewise, a specific "PKI instance" of an RA, or TPS - # subystem must be referenced via the name of - # the particular PKI "Apache web instance" containing - # this PKI subsystem optionally followed by a - # specified PKI "Admin Domain" separated via a ".". - # - # To emulate the original behavior of having a CA and - # KRA be unique PKI instances, each must be located - # within separately named "Tomcat web instances" if - # residing on the same host machine, or may be located - # within an identically named "PKI instance" when residing - # on two separate host machines. - # - # PKI INSTANCE NAMING CONVENTION: - # - # OLD: "pki-${pki_subsystem}" - # (e. g. Tomcat: "pki-ca", "pki-kra", "pki-ocsp", "pki-tks") - # (e. g. Apache: "pki-ra", "pki-tps") - # NEW: "${pki_instance_name}" - # (e. g. Tomcat: "pki-tomcat", "pki-tomcat.example.com") - # (e. g. Apache: "pki-apache", "pki-apache.example.com") - # - - # Apache/Tomcat instance registry name/value pairs - # Apache-specific instance name/value pairs - if config.pki_master_dict['pki_subsystem'] in\ - config.PKI_TOMCAT_SUBSYSTEMS: - # Tomcat instance common lib jars - if config.pki_master_dict['pki_architecture'] == 64: - config.pki_master_dict['pki_jss_jar'] =\ - os.path.join("/usr/lib64/java", - "jss4.jar") - config.pki_master_dict['pki_symkey_jar'] =\ - os.path.join("/usr/lib64/java", - "symkey.jar") - else: - config.pki_master_dict['pki_jss_jar'] =\ - os.path.join("/usr/lib/java", - "jss4.jar") - config.pki_master_dict['pki_symkey_jar'] =\ - os.path.join("/usr/lib/java", - "symkey.jar") - - # Instance layout NSS security database name/value pairs - config.pki_master_dict['pki_database_path'] =\ - os.path.join( - config.pki_master_dict['pki_instance_configuration_path'], - "alias") - # Apache/Tomcat instance convenience symbolic links - config.pki_master_dict['pki_instance_database_link'] =\ - os.path.join(config.pki_master_dict['pki_instance_path'], - "alias") - config.pki_master_dict['pki_instance_conf_link'] =\ - os.path.join(config.pki_master_dict['pki_instance_path'], - "conf") - config.pki_master_dict['pki_instance_logs_link'] =\ - os.path.join(config.pki_master_dict['pki_instance_path'], - "logs") - # Instance-based PKI subsystem base name/value pairs - config.pki_master_dict['pki_subsystem_path'] =\ - os.path.join(config.pki_master_dict['pki_instance_path'], - config.pki_master_dict['pki_subsystem'].lower()) - # Instance-based PKI subsystem log name/value pairs - config.pki_master_dict['pki_subsystem_log_path'] =\ - os.path.join(config.pki_master_dict['pki_instance_log_path'], - config.pki_master_dict['pki_subsystem'].lower()) - config.pki_master_dict['pki_subsystem_archive_log_path'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_log_path'], - "archive") - # Instance-based PKI subsystem configuration name/value pairs - config.pki_master_dict['pki_subsystem_configuration_path'] =\ - os.path.join( - config.pki_master_dict['pki_instance_configuration_path'], - config.pki_master_dict['pki_subsystem'].lower()) - # Instance-based PKI subsystem registry name/value pairs - config.pki_master_dict['pki_subsystem_registry_path'] =\ - os.path.join(config.pki_master_dict['pki_instance_registry_path'], - config.pki_master_dict['pki_subsystem'].lower()) - # Instance-based Apache/Tomcat PKI subsystem name/value pairs - if config.pki_master_dict['pki_subsystem'] in\ - config.PKI_APACHE_SUBSYSTEMS: - # Instance-based Apache PKI subsystem base name/value pairs - # Instance-based Apache PKI subsystem log name/value pairs - if config.pki_master_dict['pki_subsystem'] == "TPS": - config.pki_master_dict['pki_subsystem_signed_audit_log_path'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_log_path'], - "signedAudit") - # Instance-based Apache PKI subsystem configuration name/value pairs - # Instance-based Apache PKI subsystem registry name/value pairs - # Instance-based Apache PKI subsystem convenience symbolic links - elif config.pki_master_dict['pki_subsystem'] in\ - config.PKI_TOMCAT_SUBSYSTEMS: - # Instance-based Tomcat PKI subsystem base name/value pairs - if config.pki_master_dict['pki_subsystem'] == "CA": - config.pki_master_dict['pki_subsystem_emails_path'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_path'], - "emails") - config.pki_master_dict['pki_subsystem_profiles_path'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_path'], - "profiles") - # Instance-based Tomcat PKI subsystem log name/value pairs - config.pki_master_dict['pki_subsystem_signed_audit_log_path'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_log_path'], - "signedAudit") - # Instance-based Tomcat PKI subsystem configuration name/value pairs - # Instance-based Tomcat PKI subsystem registry name/value pairs - # Instance-based Tomcat PKI subsystem convenience symbolic links - config.pki_master_dict['pki_subsystem_tomcat_webapps_link'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_path'], - "webapps") - # Instance-based Apache/Tomcat PKI subsystem convenience symbolic links - config.pki_master_dict['pki_subsystem_database_link'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_path'], - "alias") - config.pki_master_dict['pki_subsystem_conf_link'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_path'], - "conf") - config.pki_master_dict['pki_subsystem_logs_link'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_path'], - "logs") - config.pki_master_dict['pki_subsystem_registry_link'] =\ - os.path.join(config.pki_master_dict['pki_subsystem_path'], - "registry") - # PKI Target (war file) name/value pairs - if config.pki_master_dict['pki_subsystem'] in\ - config.PKI_TOMCAT_SUBSYSTEMS: - # Tomcat PKI subsystem war file base name/value pairs - config.pki_master_dict['pki_tomcat_webapps_subsystem_path'] =\ - os.path.join(config.pki_master_dict['pki_tomcat_webapps_path'], - config.pki_master_dict['pki_subsystem'].lower()) - config.pki_master_dict\ - ['pki_tomcat_webapps_subsystem_webinf_classes_path'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_path'], - "WEB-INF", - "classes") - config.pki_master_dict\ - ['pki_tomcat_webapps_subsystem_webinf_lib_path'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_path'], - "WEB-INF", - "lib") - config.pki_master_dict['pki_certsrv_jar_link'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-certsrv.jar") - config.pki_master_dict['pki_cmsbundle_jar_link'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-cmsbundle.jar") - config.pki_master_dict['pki_cmscore_jar_link'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-cmscore.jar") - config.pki_master_dict['pki_cms_jar_link'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-cms.jar") - config.pki_master_dict['pki_cmsutil_jar_link'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-cmsutil.jar") - config.pki_master_dict['pki_nsutil_jar_link'] =\ - os.path.join( - config.pki_master_dict['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-nsutil.jar") - # Tomcat PKI subsystem war file convenience symbolic links - if config.pki_master_dict['pki_subsystem'] == "CA": - config.pki_master_dict['pki_ca_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT, - "pki-ca.jar") - config.pki_master_dict['pki_ca_jar_link'] =\ - os.path.join( - config.pki_master_dict\ - ['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-ca.jar") - elif config.pki_master_dict['pki_subsystem'] == "KRA": - config.pki_master_dict['pki_kra_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT, - "pki-kra.jar") - config.pki_master_dict['pki_kra_jar_link'] =\ - os.path.join( - config.pki_master_dict\ - ['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-kra.jar") - elif config.pki_master_dict['pki_subsystem'] == "OCSP": - config.pki_master_dict['pki_ocsp_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT, - "pki-ocsp.jar") - config.pki_master_dict['pki_ocsp_jar_link'] =\ - os.path.join( - config.pki_master_dict\ - ['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-ocsp.jar") - elif config.pki_master_dict['pki_subsystem'] == "TKS": - config.pki_master_dict['pki_tks_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT, - "pki-tks.jar") - config.pki_master_dict['pki_tks_jar_link'] =\ - os.path.join( - config.pki_master_dict\ - ['pki_tomcat_webapps_subsystem_webinf_lib_path'], - "pki-tks.jar") # PKI Target (slot substitution) name/value pairs config.pki_master_dict['pki_target_cs_cfg'] =\ os.path.join( |