diff options
Diffstat (limited to 'pki/base/ocsp/shared/conf/CS.cfg.in')
| -rw-r--r-- | pki/base/ocsp/shared/conf/CS.cfg.in | 330 |
1 files changed, 330 insertions, 0 deletions
diff --git a/pki/base/ocsp/shared/conf/CS.cfg.in b/pki/base/ocsp/shared/conf/CS.cfg.in new file mode 100644 index 000000000..1646d2600 --- /dev/null +++ b/pki/base/ocsp/shared/conf/CS.cfg.in @@ -0,0 +1,330 @@ +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2006 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- +# +pkicreate.pki_instance_root=[PKI_INSTANCE_ROOT] +pkicreate.pki_instance_name=[PKI_INSTANCE_ID] +pkicreate.subsystem_type=[PKI_SUBSYSTEM_TYPE] +pkicreate.agent_secure_port=[PKI_AGENT_SECURE_PORT] +pkicreate.ee_secure_port=[PKI_EE_SECURE_PORT] +pkicreate.admin_secure_port=[PKI_ADMIN_SECURE_PORT] +pkicreate.secure_port=[PKI_SECURE_PORT] +pkicreate.unsecure_port=[PKI_UNSECURE_PORT] +pkicreate.tomcat_server_port=[TOMCAT_SERVER_PORT] +pkicreate.user=[PKI_USER] +pkicreate.group=[PKI_GROUP] +pkiremove.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID] +installDate=[INSTALL_TIME] +cs.type=OCSP +admin.interface.uri=ocsp/admin/console/config/wizard +agent.interface.uri=ocsp/agent/ocsp +preop.admin.name=Online Certificate Status Manager Administrator +preop.admin.group=Online Certificate Status Manager Agents +preop.admincert.profile=caAdminCert +preop.securitydomain.admin_url=https://[PKI_MACHINE_NAME]:9445 +preop.wizard.name=OCSP Setup Wizard +preop.product.name=CS +preop.product.version=@VERSION@ +preop.system.name=OCSP +preop.system.fullname=OCSP Responder +proxy.securePort=[PKI_PROXY_SECURE_PORT] +proxy.unsecurePort=[PKI_PROXY_UNSECURE_PORT] +preop.configModules.module0.userFriendlyName=NSS Internal PKCS #11 Module +preop.configModules.module0.commonName=NSS Internal PKCS #11 Module +preop.configModules.module0.imagePath=../img/clearpixel.gif +preop.configModules.module1.userFriendlyName=nCipher's nFast Token Hardware Module +preop.configModules.module1.commonName=nfast +preop.configModules.module1.imagePath=../img/clearpixel.gif +preop.configModules.module2.userFriendlyName=SafeNet's LunaSA Token Hardware Module +preop.configModules.module2.commonName=lunasa +preop.configModules.module2.imagePath=../img/clearpixel.gif +preop.configModules.count=3 +preop.module.token=Internal Key Storage Token +ocsp.cert.list=signing,sslserver,subsystem,audit_signing +preop.cert.list=signing,sslserver,subsystem,audit_signing +ocsp.cert.signing=StatusResponder +ocsp.cert.sslserver.certusage=SSLServer +ocsp.cert.subsystem.certusage=SSLClient +ocsp.cert.audit_signing.certusage=ObjectSigner +preop.cert.ocsp_signing.enable=true +preop.cert.sslserver.enable=true +preop.cert.subsystem.enable=true +preop.cert.audit_signing.enable=true +preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA +preop.cert.audit_signing.dn=CN=OCSP Audit Signing Certificate +preop.cert.audit_signing.keysize.custom_size=2048 +preop.cert.audit_signing.keysize.size=2048 +preop.cert.audit_signing.nickname=auditSigningCert cert-[PKI_INSTANCE_ID] +preop.cert.audit_signing.profile=caInternalAuthAuditSigningCert +preop.cert.audit_signing.signing.required=false +preop.cert.audit_signing.subsystem=ocsp +preop.cert.audit_signing.type=remote +preop.cert.audit_signing.userfriendlyname=OCSP Audit Signing Certificate +preop.cert.audit_signing.cncomponent.override=true +preop.cert.signing.defaultSigningAlgorithm=SHA256withRSA +preop.cert.signing.dn=CN=OCSP Signing Certificate +preop.cert.signing.keysize.custom_size=2048 +preop.cert.signing.keysize.size=2048 +preop.cert.signing.nickname=ocspSigningCert cert-[PKI_INSTANCE_ID] +preop.cert.signing.profile=caInternalAuthOCSPCert +preop.cert.signing.signing.required=true +preop.cert.signing.subsystem=ocsp +preop.cert.signing.type=remote +preop.cert.signing.userfriendlyname=OCSP Signing Certificate +preop.cert.signing.cncomponent.override=true +preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA +preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME] +preop.cert.sslserver.keysize.custom_size=2048 +preop.cert.sslserver.keysize.size=2048 +preop.cert.sslserver.nickname=Server-Cert cert-[PKI_INSTANCE_ID] +preop.cert.sslserver.profile=caInternalAuthServerCert +preop.cert.sslserver.signing.required=false +preop.cert.sslserver.subsystem=ocsp +preop.cert.sslserver.type=remote +preop.cert.sslserver.userfriendlyname=SSL Server Certificate +preop.cert.sslserver.cncomponent.override=false +preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA +preop.cert.subsystem.dn=CN=OCSP Subsystem Certificate +preop.cert.subsystem.keysize.custom_size=2048 +preop.cert.subsystem.keysize.size=2048 +preop.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID] +preop.cert.subsystem.profile=caInternalAuthSubsystemCert +preop.cert.subsystem.signing.required=false +preop.cert.subsystem.subsystem=ocsp +preop.cert.subsystem.type=remote +preop.cert.subsystem.userfriendlyname=Subsystem Certificate +preop.cert.subsystem.cncomponent.override=true +cs.state=0 +authType=pwd +instanceRoot=[PKI_INSTANCE_PATH] +machineName=[PKI_MACHINE_NAME] +instanceId=[PKI_INSTANCE_ID] +service.machineName=[PKI_MACHINE_NAME] +service.instanceDir=[PKI_INSTANCE_ROOT] +service.securePort=[PKI_AGENT_SECURE_PORT] +service.non_clientauth_securePort=[PKI_EE_SECURE_PORT] +service.unsecurePort=[PKI_UNSECURE_PORT] +service.instanceID=[PKI_INSTANCE_ID] +preop.pin=[PKI_RANDOM_NUMBER] +passwordFile=[PKI_INSTANCE_PATH]/conf/password.conf +passwordClass=com.netscape.cmsutil.password.PlainPasswordFile +multiroles=true +multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Adminstrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group +CrossCertPair._000=## +CrossCertPair._001=## CrossCertPair Import +CrossCertPair._002=## +CrossCertPair.ldap=internaldb +accessEvaluator.impl.group.class=com.netscape.cms.evaluators.GroupAccessEvaluator +accessEvaluator.impl.ipaddress.class=com.netscape.cms.evaluators.IPAddressAccessEvaluator +accessEvaluator.impl.user.class=com.netscape.cms.evaluators.UserAccessEvaluator +auths._000=## +auths._001=## new authentication +auths._002=## +auths.impl._000=## +auths.impl._001=## authentication manager implementations +auths.impl._002=## +auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication +auths.impl.CMCAuth.class=com.netscape.cms.authentication.CMCAuth +auths.impl.NISAuth.class=com.netscape.cms.authentication.NISAuth +auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll +auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication +auths.impl.UdnPwdDirAuth.class=com.netscape.cms.authentication.UdnPwdDirAuthentication +auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication +auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication +auths.instance.AgentCertAuth.agentGroup=Certificate Manager Agents +auths.instance.AgentCertAuth.pluginName=AgentCertAuth +auths.instance.TokenAuth.pluginName=TokenAuth +auths.revocationChecking.bufferSize=50 +authz._000=## +authz._001=## new authorizatioin +authz._002=## +authz.evaluateOrder=deny,allow +authz.sourceType=ldap +authz.impl._000=## +authz.impl._001=## authorization manager implementations +authz.impl._002=## +authz.impl.BasicAclAuthz.class=com.netscape.cms.authorization.BasicAclAuthz +authz.impl.DirAclAuthz.class=com.netscape.cms.authorization.DirAclAuthz +authz.instance.BasicAclAuthz.pluginName=BasicAclAuthz +authz.instance.DirAclAuthz.ldap=internaldb +authz.instance.DirAclAuthz.pluginName=DirAclAuthz +authz.instance.DirAclAuthz.ldap._000=## +authz.instance.DirAclAuthz.ldap._001=## Internal Database +authz.instance.DirAclAuthz.ldap._002=## +cmc.cert.confirmRequired=false +cmc.lraPopWitness.verify.allow=true +cmc.revokeCert.verify=true +cmc.revokeCert.sharedSecret.class=com.netscape.cms.authentication.SharedSecret +cmc.sharedSecret.class=com.netscape.cms.authentication.SharedSecret +cms.version=@MAJOR_VERSION@.@MINOR_VERSION@ +dbs.ldap=internaldb +dbs.newSchemaEntryAdded=true +debug.append=true +debug.enabled=true +debug.filename=[PKI_INSTANCE_PATH]/logs/debug +debug.hashkeytypes= +debug.level=0 +debug.showcaller=false +keys.ecc.curve.list=nistp256,nistp384,nistp521,sect163k1,nistk163,sect163r1,sect163r2,nistb163,sect193r1,sect193r2,sect233k1,nistk233,sect233r1,nistb233,sect239k1,sect283k1,nistk283,sect283r1,nistb283,sect409k1,nistk409,sect409r1,nistb409,sect571k1,nistk571,sect571r1,nistb571,secp160k1,secp160r1,secp160r2,secp192k1,secp192r1,nistp192,secp224k1,secp224r1,nistp224,secp256k1,secp256r1,secp384r1,secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2 +keys.ecc.curve.default=nistp521 +keys.rsa.keysize.default=2048 +internaldb._000=## +internaldb._001=## Internal Database +internaldb._002=## +internaldb.maxConns=15 +internaldb.minConns=3 +internaldb.ldapauth.authtype=BasicAuth +internaldb.ldapauth.bindDN=cn=Directory Manager +internaldb.ldapauth.bindPWPrompt=Internal LDAP Database +internaldb.ldapauth.clientCertNickname= +internaldb.ldapconn.host= +internaldb.ldapconn.port= +internaldb.ldapconn.secureConn=false +preop.internaldb.schema.ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/schema.ldif +preop.internaldb.ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/database.ldif +preop.internaldb.data_ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/db.ldif,/usr/share/[PKI_FLAVOR]/ocsp/conf/acl.ldif +preop.internaldb.index_ldif=/usr/share/[PKI_FLAVOR]/ocsp/conf/index.ldif +preop.internaldb.post_ldif= +preop.internaldb.wait_dn= +internaldb.multipleSuffix.enable=false +jss._000=## +jss._001=## JSS +jss._002=## +jss.configDir=[PKI_INSTANCE_PATH]/alias/ +jss.enable=true +jss.secmodName=secmod.db +jss.ocspcheck.enable=false +jss.ssl.cipherfortezza=true +jss.ssl.cipherpref= +jss.ssl.cipherversion=cipherdomestic +log._000=## +log._001=## Logging +log._002=## +log.impl.file.class=com.netscape.cms.logging.RollingLogFile +log.instance.SignedAudit._000=## +log.instance.SignedAudit._001=## Signed Audit Logging +log.instance.SignedAudit._002=## +log.instance.SignedAudit._003=## +log.instance.SignedAudit._004=## Available Audit events: +log.instance.SignedAudit._005=## AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION +log.instance.SignedAudit._006=## +log.instance.SignedAudit.bufferSize=512 +log.instance.SignedAudit.enable=true +log.instance.SignedAudit.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION +log.instance.SignedAudit.expirationTime=0 +log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/signedAudit/ocsp_cert-ocsp_audit +log.instance.SignedAudit.flushInterval=5 +log.instance.SignedAudit.level=1 +log.instance.SignedAudit.logSigning=false +log.instance.SignedAudit.maxFileSize=2000 +log.instance.SignedAudit.pluginName=file +log.instance.SignedAudit.rolloverInterval=2592000 +log.instance.SignedAudit.signedAudit:_000=## +log.instance.SignedAudit.signedAudit:_001=## Fill in the nickname of a trusted signing certificate to allow OCSP audit logs to be signed +log.instance.SignedAudit.signedAudit:_002=## +log.instance.SignedAudit.signedAuditCertNickname=auditSigningCert cert-[PKI_INSTANCE_ID] +log.instance.SignedAudit.type=signedAudit +log.instance.System._000=## +log.instance.System._001=## System Logging +log.instance.System._002=## +log.instance.System.bufferSize=512 +log.instance.System.enable=true +log.instance.System.expirationTime=0 +log.instance.System.fileName=[PKI_INSTANCE_PATH]/logs/system +log.instance.System.flushInterval=5 +log.instance.System.level=3 +log.instance.System.maxFileSize=2000 +log.instance.System.pluginName=file +log.instance.System.rolloverInterval=2592000 +log.instance.System.type=system +log.instance.Transactions._000=## +log.instance.Transactions._001=## Transaction Logging +log.instance.Transactions._002=## +log.instance.Transactions.bufferSize=512 +log.instance.Transactions.enable=true +log.instance.Transactions.expirationTime=0 +log.instance.Transactions.fileName=[PKI_INSTANCE_PATH]/logs/transactions +log.instance.Transactions.flushInterval=5 +log.instance.Transactions.level=1 +log.instance.Transactions.maxFileSize=2000 +log.instance.Transactions.pluginName=file +log.instance.Transactions.rolloverInterval=2592000 +log.instance.Transactions.type=transaction +logAudit.fileName=[PKI_INSTANCE_PATH]/logs/access +logError.fileName=[PKI_INSTANCE_PATH]/logs/error +ocsp.certNickname= +ocsp.storeId=defStore +ocsp.signing.certnickname= +ocsp.signing.defaultSigningAlgorithm=SHA256withRSA +ocsp.signing.tokenname=internal +ocsp.store.defStore.class=com.netscape.cms.ocsp.DefStore +ocsp.store.defStore.includeNextUpdate=false +ocsp.store.defStore.notFoundAsGood=true +ocsp.store.ldapStore.class=com.netscape.cms.ocsp.LDAPStore +oidmap.auth_info_access.class=netscape.security.extensions.AuthInfoAccessExtension +oidmap.auth_info_access.oid=1.3.6.1.5.5.7.1.1 +oidmap.challenge_password.class=com.netscape.cms.servlet.cert.scep.ChallengePassword +oidmap.challenge_password.oid=1.2.840.113549.1.9.7 +oidmap.extended_key_usage.class=netscape.security.extensions.ExtendedKeyUsageExtension +oidmap.extended_key_usage.oid=2.5.29.37 +oidmap.extensions_requested_pkcs9.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested +oidmap.extensions_requested_pkcs9.oid=1.2.840.113549.1.9.14 +oidmap.extensions_requested_vsgn.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested +oidmap.extensions_requested_vsgn.oid=2.16.840.1.113733.1.9.8 +oidmap.netscape_comment.class=netscape.security.x509.NSCCommentExtension +oidmap.netscape_comment.oid=2.16.840.1.113730.1.13 +oidmap.ocsp_no_check.class=netscape.security.extensions.OCSPNoCheckExtension +oidmap.ocsp_no_check.oid=1.3.6.1.5.5.7.48.1.5 +oidmap.pse.class=netscape.security.extensions.PresenceServerExtension +oidmap.pse.oid=2.16.840.1.113730.1.18 +oidmap.subject_info_access.class=netscape.security.extensions.SubjectInfoAccessExtension +oidmap.subject_info_access.oid=1.3.6.1.5.5.7.1.11 +os.serverName=cert-[PKI_INSTANCE_ID] +os.userid=nobody +registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg +selftests._000=## +selftests._001=## Self Tests +selftests._002=## +selftests._003=## The Self-Test plugin SystemCertsVerification uses the +selftests._004=## following parameters (where certusage is optional): +selftests._005=## ocsp.cert.list = <list of cert tag names deliminated by ","> +selftests._006=## ocsp.cert.<cert tag name>.nickname +selftests._007=## ocsp.cert.<cert tag name>.certusage +selftests._008=## +selftests.container.instance.OCSPPresence=com.netscape.cms.selftests.ocsp.OCSPPresence +selftests.container.instance.OCSPValidity=com.netscape.cms.selftests.ocsp.OCSPValidity +selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification +selftests.container.logger.bufferSize=512 +selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile +selftests.container.logger.enable=true +selftests.container.logger.expirationTime=0 +selftests.container.logger.fileName=[PKI_INSTANCE_PATH]/logs/selftests.log +selftests.container.logger.flushInterval=5 +selftests.container.logger.level=1 +selftests.container.logger.maxFileSize=2000 +selftests.container.logger.register=false +selftests.container.logger.rolloverInterval=2592000 +selftests.container.logger.type=transaction +selftests.container.order.onDemand=OCSPPresence:critical, SystemCertsVerification:critical, OCSPValidity:critical +selftests.container.order.startup=OCSPPresence:critical, SystemCertsVerification:critical +selftests.plugin.OCSPPresence.OcspSubId=ocsp +selftests.plugin.OCSPValidity.OcspSubId=ocsp +selftests.plugin.SystemCertsVerification.SubId=ocsp +smtp.host=localhost +smtp.port=25 +subsystem.0.class=com.netscape.ocsp.OCSPAuthority +subsystem.0.id=ocsp +subsystem.1.class=com.netscape.cmscore.selftests.SelfTestSubsystem +subsystem.1.id=selftests +subsystem.2.class=com.netscape.cmscore.util.StatsSubsystem +subsystem.2.id=stats +usrgrp._000=## +usrgrp._001=## User/Group +usrgrp._002=## +usrgrp.ldap=internaldb +multiroles._000=## +multiroles._001=## multiroles +multiroles._002=## +multiroles.enable=true +multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Adminstrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group |