summaryrefslogtreecommitdiffstats
path: root/base/server/etc/default.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'base/server/etc/default.cfg')
-rw-r--r--base/server/etc/default.cfg23
1 files changed, 13 insertions, 10 deletions
diff --git a/base/server/etc/default.cfg b/base/server/etc/default.cfg
index ea9c54019..41b3bd39f 100644
--- a/base/server/etc/default.cfg
+++ b/base/server/etc/default.cfg
@@ -114,6 +114,8 @@ pki_ssl_server_token=Internal Key Storage Token
pki_subsystem_key_algorithm=SHA256withRSA
pki_subsystem_key_size=2048
pki_subsystem_key_type=rsa
+pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s
+pki_subsystem_subject_dn=cn=Subsystem Certificate,o=%(pki_security_domain_name)s
pki_subsystem_token=Internal Key Storage Token
pki_theme_enable=True
pki_theme_server_dir=/usr/share/pki/common-ui
@@ -399,8 +401,7 @@ pki_ds_base_dn=o=%(pki_instance_name)s-CA
pki_ds_database=%(pki_instance_name)s-CA
pki_ds_hostname=%(pki_hostname)s
pki_subsystem_name=CA %(pki_hostname)s %(pki_https_port)s
-pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s CA
-pki_subsystem_subject_dn=cn=CA Subsystem Certificate,o=%(pki_security_domain_name)s
+pki_share_db=False
# Paths
# These are used in the processing of pkispawn and are not supposed
@@ -479,8 +480,9 @@ pki_ds_base_dn=o=%(pki_instance_name)s-KRA
pki_ds_database=%(pki_instance_name)s-KRA
pki_ds_hostname=%(pki_hostname)s
pki_subsystem_name=KRA %(pki_hostname)s %(pki_https_port)s
-pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s KRA
-pki_subsystem_subject_dn=cn=KRA Subsystem Certificate,o=%(pki_security_domain_name)s
+pki_share_db=True
+pki_share_dbuser_dn=uid=pkidbuser,ou=people,o=%(pki_instance_name)s-CA
+
# Paths
# These are used in the processing of pkispawn and are not supposed
@@ -540,8 +542,9 @@ pki_ds_base_dn=o=%(pki_instance_name)s-OCSP
pki_ds_database=%(pki_instance_name)s-OCSP
pki_ds_hostname=%(pki_hostname)s
pki_subsystem_name=OCSP %(pki_hostname)s %(pki_https_port)s
-pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s OCSP
-pki_subsystem_subject_dn=cn=OCSP Subsystem Certificate,o=%(pki_security_domain_name)s
+pki_share_db=True
+pki_share_dbuser_dn=uid=pkidbuser,ou=people,o=%(pki_instance_name)s-CA
+
###############################################################################
## RA Configuration: ##
@@ -571,8 +574,8 @@ pki_ds_base_dn=o=%(pki_instance_name)s-TKS
pki_ds_database=%(pki_instance_name)s-TKS
pki_ds_hostname=%(pki_hostname)s
pki_subsystem_name=TKS %(pki_hostname)s %(pki_https_port)s
-pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s TKS
-pki_subsystem_subject_dn=cn=TKS Subsystem Certificate,o=%(pki_security_domain_name)s
+pki_share_db=True
+pki_share_dbuser_dn=uid=pkidbuser,ou=people,o=%(pki_instance_name)s-CA
###############################################################################
## TPS Configuration: ##
@@ -593,8 +596,6 @@ pki_ds_base_dn=o=%(pki_instance_name)s-TPS
pki_ds_database=%(pki_instance_name)s-TPS
pki_ds_hostname=%(pki_hostname)s
pki_subsystem_name=TPS %(pki_hostname)s %(pki_https_port)s
-pki_subsystem_nickname=subsystemCert cert-%(pki_instance_name)s TPS
-pki_subsystem_subject_dn=cn=TPS Subsystem Certificate,o=%(pki_security_domain_name)s
pki_authdb_hostname=%(pki_hostname)s
pki_authdb_port=389
pki_authdb_secure_conn=False
@@ -603,6 +604,8 @@ pki_kra_uri=https://%(pki_hostname)s:%(pki_https_port)s
pki_tks_uri=https://%(pki_hostname)s:%(pki_https_port)s
pki_enable_server_side_keygen=False
pki_import_shared_secret=False
+pki_share_db=True
+pki_share_dbuser_dn=uid=pkidbuser,ou=people,o=%(pki_instance_name)s-CA
# Paths
# These are used in the processing of pkispawn and are not supposed
generated by cgit (git 2.34.1) at 2024-06-17 01:53:50 +0000