diff options
Diffstat (limited to 'base')
-rw-r--r-- | base/kra/shared/conf/CS.cfg.in | 1 | ||||
-rw-r--r-- | base/ocsp/shared/conf/CS.cfg.in | 1 | ||||
-rw-r--r-- | base/server/config/pkislots.cfg | 1 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/pkiparser.py | 7 | ||||
-rw-r--r-- | base/server/share/conf/tomcat.conf | 5 | ||||
-rw-r--r-- | base/server/tomcat7/conf/server.xml | 2 | ||||
-rw-r--r-- | base/server/tomcat8/conf/server.xml | 2 | ||||
-rw-r--r-- | base/tks/shared/conf/CS.cfg.in | 1 | ||||
-rw-r--r-- | base/tps/shared/conf/CS.cfg.in | 1 |
9 files changed, 20 insertions, 1 deletions
diff --git a/base/kra/shared/conf/CS.cfg.in b/base/kra/shared/conf/CS.cfg.in index 1e725d3f1..da7195530 100644 --- a/base/kra/shared/conf/CS.cfg.in +++ b/base/kra/shared/conf/CS.cfg.in @@ -179,6 +179,7 @@ cmc.revokeCert.verify=true cmc.revokeCert.sharedSecret.class=com.netscape.cms.authentication.SharedSecret cmc.sharedSecret.class=com.netscape.cms.authentication.SharedSecret cms.version=@APPLICATION_VERSION_MAJOR@.@APPLICATION_VERSION_MINOR@ +cms.passwordlist=internaldb,replicationdb dbs.enableSerialManagement=false dbs.beginRequestNumber=1 dbs.endRequestNumber=10000000 diff --git a/base/ocsp/shared/conf/CS.cfg.in b/base/ocsp/shared/conf/CS.cfg.in index eea4cb4e8..cfc9ec24b 100644 --- a/base/ocsp/shared/conf/CS.cfg.in +++ b/base/ocsp/shared/conf/CS.cfg.in @@ -26,6 +26,7 @@ preop.securitydomain.admin_url=https://[PKI_HOSTNAME]:9445 preop.wizard.name=OCSP Setup Wizard preop.product.name=CS cms.product.version=@APPLICATION_VERSION@ +cms.passwordlist=internaldb,replicationdb preop.system.name=OCSP preop.system.fullname=OCSP Responder proxy.securePort=[PKI_PROXY_SECURE_PORT] diff --git a/base/server/config/pkislots.cfg b/base/server/config/pkislots.cfg index 8ee93964e..23c1f824a 100644 --- a/base/server/config/pkislots.cfg +++ b/base/server/config/pkislots.cfg @@ -1,6 +1,7 @@ [Tomcat] application_version=[APPLICATION_VERSION] INSTALL_TIME_SLOT=[INSTALL_TIME] +NUXWDOG_JNI_PATH_SLOT=[NUXWDOG_JNI_PATH] PKI_ADMIN_SECURE_PORT_SLOT=[PKI_ADMIN_SECURE_PORT] PKI_ADMIN_SECURE_PORT_CONNECTOR_NAME_SLOT=[PKI_ADMIN_SECURE_PORT_CONNECTOR_NAME] PKI_ADMIN_SECURE_PORT_SERVER_COMMENT_SLOT=[PKI_ADMIN_SECURE_PORT_SERVER_COMMENT] diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py index 7d82c18fc..93473feaf 100644 --- a/base/server/python/pki/server/deployment/pkiparser.py +++ b/base/server/python/pki/server/deployment/pkiparser.py @@ -1007,6 +1007,13 @@ class PKIConfigParser: "+TLS_DHE_RSA_WITH_AES_128_CBC_SHA," + \ "+TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + if config.pki_architecture == 64: + self.mdict['NUXWDOG_JNI_PATH_SLOT'] = ( + '/usr/lib64/nuxwdog-jni') + else: + self.mdict['NUXWDOG_JNI_PATH_SLOT'] = ( + '/usr/lib/nuxwdog-jni') + # tps parameters self.mdict['TOKENDB_HOST_SLOT'] = \ self.mdict['pki_ds_hostname'] diff --git a/base/server/share/conf/tomcat.conf b/base/server/share/conf/tomcat.conf index 8651b80bc..83a6cf1e6 100644 --- a/base/server/share/conf/tomcat.conf +++ b/base/server/share/conf/tomcat.conf @@ -33,7 +33,7 @@ CATALINA_TMPDIR=[PKI_TMPDIR] # -Djava.library.path=/usr/lib # - parameters to run a java debugger (e. g. - 'eclipse') # -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n -Djava.awt.headless=true -Xmx128M -JAVA_OPTS="-DRESTEASY_LIB=[PKI_RESTEASY_LIB]" +JAVA_OPTS="-DRESTEASY_LIB=[PKI_RESTEASY_LIB] -Djava.library.path=[NUXWDOG_JNI_PATH]" # What user should run tomcat TOMCAT_USER="[PKI_USER]" @@ -68,3 +68,6 @@ PKI_VERSION=[APPLICATION_VERSION] # Debian settings TOMCAT7_USER="[PKI_USER]" TOMCAT7_SECURITY="[PKI_SECURITY_MANAGER]" + +# Use Nuxwdog to start server +USE_NUXWDOG="false" diff --git a/base/server/tomcat7/conf/server.xml b/base/server/tomcat7/conf/server.xml index b9e8860b2..8b6e40473 100644 --- a/base/server/tomcat7/conf/server.xml +++ b/base/server/tomcat7/conf/server.xml @@ -94,6 +94,8 @@ Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> + <Listener className="com.netscape.cms.tomcat.NuxwdogPasswordStoreInitializer"/> + <!-- A "Service" is a collection of one or more "Connectors" that share a single "Container" Note: A "Service" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. diff --git a/base/server/tomcat8/conf/server.xml b/base/server/tomcat8/conf/server.xml index ce8fc57dc..2f4d470be 100644 --- a/base/server/tomcat8/conf/server.xml +++ b/base/server/tomcat8/conf/server.xml @@ -95,6 +95,8 @@ Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> + <Listener className="com.netscape.cms.tomcat.NuxwdogPasswordStoreInitializer"/> + <!-- A "Service" is a collection of one or more "Connectors" that share a single "Container" Note: A "Service" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. diff --git a/base/tks/shared/conf/CS.cfg.in b/base/tks/shared/conf/CS.cfg.in index 99660cc6f..8579ef21b 100644 --- a/base/tks/shared/conf/CS.cfg.in +++ b/base/tks/shared/conf/CS.cfg.in @@ -26,6 +26,7 @@ preop.wizard.name=TKS Setup Wizard preop.system.name=TKS preop.product.name=CS cms.product.version=@APPLICATION_VERSION@ +cms.passwordlist=internaldb,replicationdb preop.system.fullname=Token Key Service proxy.securePort=[PKI_PROXY_SECURE_PORT] proxy.unsecurePort=[PKI_PROXY_UNSECURE_PORT] diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in index e583ac097..e4733f815 100644 --- a/base/tps/shared/conf/CS.cfg.in +++ b/base/tps/shared/conf/CS.cfg.in @@ -115,6 +115,7 @@ channel.defKeyVersion=0 channel.defKeyIndex=0 cms.product.version=@APPLICATION_VERSION@ cms.version=@APPLICATION_VERSION_MAJOR@.@APPLICATION_VERSION_MINOR@ +cms.passwordlist=internaldb config.Generals.General.state=Enabled config.Generals.General.timestamp=1280283607424406 configurationRoot=/[PKI_SUBSYSTEM_TYPE]/conf/ |