summaryrefslogtreecommitdiffstats
path: root/base/tps/shared/conf/CS.cfg.in
diff options
context:
space:
mode:
Diffstat (limited to 'base/tps/shared/conf/CS.cfg.in')
-rw-r--r--base/tps/shared/conf/CS.cfg.in95
1 files changed, 95 insertions, 0 deletions
diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in
index d5c0f312e..65c8207cc 100644
--- a/base/tps/shared/conf/CS.cfg.in
+++ b/base/tps/shared/conf/CS.cfg.in
@@ -32,6 +32,12 @@ selftests.container.order.startup=TPSPresence:critical, TPSSystemCertsVerificati
selftests.container.order.onDemand=TPSPresence:critical, TPSValidity:critical, TPSSystemCertsVerification:critical
selftests.plugin.TPSPresence.nickname=[HSM_LABEL][NICKNAME]
selftests.plugin.TPSValidity.nickname=[HSM_LABEL][NICKNAME]
+cs.state=0
+authType=pwd
+instanceRoot=[PKI_INSTANCE_PATH]
+configurationRoot=/[PKI_SUBSYSTEM_TYPE]/conf/
+machineName=[PKI_HOSTNAME]
+instanceId=[PKI_INSTANCE_NAME]
service.machineName=[PKI_HOSTNAME]
service.instanceDir=[PKI_INSTANCE_PATH]
service.securePort=[PKI_SECURE_PORT]
@@ -118,6 +124,61 @@ logging.error.file.type=RollingLogFile
logging.error.maxFileSize=2000
logging.error.rolloverInterval=2592000
logging.error.expirationTime=0
+log._000=##
+log._001=## Logging
+log._002=##
+log.impl.file.class=com.netscape.cms.logging.RollingLogFile
+log.instance.SignedAudit._000=##
+log.instance.SignedAudit._001=## Signed Audit Logging
+log.instance.SignedAudit._002=##
+log.instance.SignedAudit._003=##
+log.instance.SignedAudit._004=## Available Audit events:
+log.instance.SignedAudit._005=## AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION
+log.instance.SignedAudit._006=##
+log.instance.SignedAudit.bufferSize=512
+log.instance.SignedAudit.enable=true
+log.instance.SignedAudit.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION
+log.instance.SignedAudit.expirationTime=0
+log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/signedAudit/tps_cert-tps_audit
+log.instance.SignedAudit.flushInterval=5
+log.instance.SignedAudit.level=1
+log.instance.SignedAudit.logSigning=false
+log.instance.SignedAudit.maxFileSize=2000
+log.instance.SignedAudit.pluginName=file
+log.instance.SignedAudit.rolloverInterval=2592000
+log.instance.SignedAudit.signedAudit:_000=##
+log.instance.SignedAudit.signedAudit:_001=## Fill in the nickname of a trusted signing certificate to allow TPS audit logs to be signed
+log.instance.SignedAudit.signedAudit:_002=##
+log.instance.SignedAudit.signedAuditCertNickname=auditSigningCert cert-[PKI_INSTANCE_NAME]
+log.instance.SignedAudit.type=signedAudit
+log.instance.System._000=##
+log.instance.System._001=## System Logging
+log.instance.System._002=##
+log.instance.System.bufferSize=512
+log.instance.System.enable=true
+log.instance.System.expirationTime=0
+log.instance.System.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/system
+log.instance.System.flushInterval=5
+log.instance.System.level=3
+log.instance.System.maxFileSize=2000
+log.instance.System.pluginName=file
+log.instance.System.rolloverInterval=2592000
+log.instance.System.type=system
+log.instance.Transactions._000=##
+log.instance.Transactions._001=## Transaction Logging
+log.instance.Transactions._002=##
+log.instance.Transactions.bufferSize=512
+log.instance.Transactions.enable=true
+log.instance.Transactions.expirationTime=0
+log.instance.Transactions.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/transactions
+log.instance.Transactions.flushInterval=5
+log.instance.Transactions.level=1
+log.instance.Transactions.maxFileSize=2000
+log.instance.Transactions.pluginName=file
+log.instance.Transactions.rolloverInterval=2592000
+log.instance.Transactions.type=transaction
+logAudit.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/access
+logError.fileName=[PKI_INSTANCE_PATH]/logs/[PKI_SUBSYSTEM_TYPE]/error
conn.ca1._000=#########################################
conn.ca1._001=# CA connection
conn.ca1._002=#
@@ -371,6 +432,30 @@ channel.defKeyIndex=0
#
preop.pin=[PKI_RANDOM_NUMBER]
cms.product.version=@APPLICATION_VERSION@
+preop.admin.name=Token Processing Service Manager Administrator
+preop.admin.group=Token Processing Service Manager Agents
+preop.admincert.profile=caAdminCert
+dbs.ldap=internaldb
+dbs.newSchemaEntryAdded=true
+internaldb._000=##
+internaldb._001=## Internal Database
+internaldb._002=##
+internaldb.maxConns=15
+internaldb.minConns=3
+internaldb.ldapauth.authtype=BasicAuth
+internaldb.ldapauth.bindDN=cn=Directory Manager
+internaldb.ldapauth.bindPWPrompt=Internal LDAP Database
+internaldb.ldapauth.clientCertNickname=
+internaldb.ldapconn.host=
+internaldb.ldapconn.port=
+internaldb.ldapconn.secureConn=false
+preop.internaldb.schema.ldif=/usr/share/pki/tps/conf/schema.ldif
+preop.internaldb.ldif=/usr/share/pki/tps/conf/database.ldif
+preop.internaldb.data_ldif=/usr/share/pki/tps/conf/db.ldif,/usr/share/pki/tps/conf/acl.ldif
+preop.internaldb.index_ldif=/usr/share/pki/tps/conf/index.ldif
+preop.internaldb.manager_ldif=/usr/share/pki/ca/conf/manager.ldif
+preop.internaldb.post_ldif=
+preop.internaldb.wait_dn=
preop.cert._000=#########################################
preop.cert._001=# Installation configuration "preop" certs parameters
preop.cert._002=#########################################
@@ -390,6 +475,7 @@ preop.cert.sslserver.nickname=Server-Cert cert-[PKI_INSTANCE_NAME]
preop.cert.sslserver.profile=caInternalAuthServerCert
preop.cert.sslserver.subsystem=tps
preop.cert._003=#preop.cert.sslserver.type=local
+preop.cert.sslserver.type=remote
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert._004=#preop.cert.sslserver.cncomponent.override=false
preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
@@ -1414,6 +1500,11 @@ op.format.tokenKey.auth.id=ldap1
op.format.tokenKey.auth.enable=true
op.format.tokenKey.issuerinfo.enable=true
op.format.tokenKey.issuerinfo.value=http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/cgi-bin/home/index.cgi
+passwordFile=[PKI_INSTANCE_PATH]/conf/password.conf
+passwordClass=com.netscape.cmsutil.password.PlainPasswordFile
+registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg
+subsystem.0.class=org.dogtagpki.tps.server.TPSAuthority
+subsystem.0.id=tps
tokendb._000=#########################################
tokendb._001=# tokendb.auditLog:
tokendb._002=# - audit log path
@@ -1606,3 +1697,7 @@ tps.cert.list=sslserver,subsystem,audit_signing
tps.cert.sslserver.nickname=[HSM_LABEL][NICKNAME]
tps.cert.subsystem.nickname=[HSM_LABEL][NICKNAME]
tps.cert.audit_signing.nickname=[HSM_LABEL][NICKNAME]
+usrgrp._000=##
+usrgrp._001=## User/Group
+usrgrp._002=##
+usrgrp.ldap=internaldb
generated by cgit (git 2.34.1) at 2024-05-27 11:21:32 +0000