diff options
Diffstat (limited to 'pki/base/tks/shared/conf/CS.cfg.in')
-rw-r--r-- | pki/base/tks/shared/conf/CS.cfg.in | 350 |
1 files changed, 0 insertions, 350 deletions
diff --git a/pki/base/tks/shared/conf/CS.cfg.in b/pki/base/tks/shared/conf/CS.cfg.in deleted file mode 100644 index 195201e4d..000000000 --- a/pki/base/tks/shared/conf/CS.cfg.in +++ /dev/null @@ -1,350 +0,0 @@ -_000=## -_001=## Token Key Service (TKS) Configuration File -_002=## -pidDir=[PKI_PIDDIR] -pkicreate.pki_instance_root=[PKI_INSTANCE_ROOT] -pkicreate.pki_instance_name=[PKI_INSTANCE_ID] -pkicreate.subsystem_type=[PKI_SUBSYSTEM_TYPE] -pkicreate.agent_secure_port=[PKI_AGENT_SECURE_PORT] -pkicreate.ee_secure_port=[PKI_EE_SECURE_PORT] -pkicreate.admin_secure_port=[PKI_ADMIN_SECURE_PORT] -pkicreate.secure_port=[PKI_SECURE_PORT] -pkicreate.unsecure_port=[PKI_UNSECURE_PORT] -pkicreate.tomcat_server_port=[TOMCAT_SERVER_PORT] -pkicreate.user=[PKI_USER] -pkicreate.group=[PKI_GROUP] -pkicreate.systemd.servicename=[PKI_SYSTEMD_SERVICENAME] -pkiremove.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID] -installDate=[INSTALL_TIME] -cs.type=TKS -admin.interface.uri=tks/admin/console/config/wizard -preop.admin.name=Token Key Service Manager Administrator -preop.admin.group=Token Key Service Manager Agents -preop.admincert.profile=caAdminCert -preop.securitydomain.admin_url=https://[PKI_MACHINE_NAME]:9445 -preop.wizard.name=TKS Setup Wizard -preop.system.name=TKS -preop.product.name=CS -preop.product.version=@VERSION@ -preop.system.fullname=Token Key Service -proxy.securePort=[PKI_PROXY_SECURE_PORT] -proxy.unsecurePort=[PKI_PROXY_UNSECURE_PORT] -tks.cert.list=sslserver,subsystem,audit_signing -tks.cert.sslserver.certusage=SSLServer -tks.cert.subsystem.certusage=SSLClient -tks.cert.audit_signing.certusage=ObjectSigner -preop.cert.list=sslserver,subsystem,audit_signing -preop.cert.rsalist=audit_signing -preop.cert.sslserver.enable=true -preop.cert.subsystem.enable=true -preop.cert.audit_signing.enable=true -preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA -preop.cert.audit_signing.dn=CN=TKS Audit Signing Certificate -preop.cert.audit_signing.keysize.custom_size=2048 -preop.cert.audit_signing.keysize.size=2048 -preop.cert.audit_signing.nickname=auditSigningCert cert-[PKI_INSTANCE_ID] -preop.cert.audit_signing.profile=caInternalAuthAuditSigningCert -preop.cert.audit_signing.signing.required=false -preop.cert.audit_signing.subsystem=tks -preop.cert.audit_signing.type=remote -preop.cert.audit_signing.userfriendlyname=TKS Audit Signing Certificate -preop.cert.audit_signing.cncomponent.override=true -preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA -preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME] -preop.cert.sslserver.keysize.custom_size=2048 -preop.cert.sslserver.keysize.size=2048 -preop.cert.sslserver.nickname=Server-Cert cert-[PKI_INSTANCE_ID] -preop.cert.sslserver.profile=caInternalAuthServerCert -preop.cert.sslserver.signing.required=false -preop.cert.sslserver.subsystem=tks -preop.cert.sslserver.type=remote -preop.cert.sslserver.userfriendlyname=SSL Server Certificate -preop.cert.sslserver.cncomponent.override=false -preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA -preop.cert.subsystem.dn=CN=TKS Subsystem Certificate -preop.cert.subsystem.keysize.custom_size=2048 -preop.cert.subsystem.keysize.size=2048 -preop.cert.subsystem.nickname=subsystemCert cert-[PKI_INSTANCE_ID] -preop.cert.subsystem.profile=caInternalAuthSubsystemCert -preop.cert.subsystem.signing.required=false -preop.cert.subsystem.subsystem=tks -preop.cert.subsystem.type=remote -preop.cert.subsystem.userfriendlyname=Subsystem Certificate -preop.cert.subsystem.cncomponent.override=true -preop.cert.admin.defaultSigningAlgorithm=SHA256withRSA -preop.cert.admin.dn=uid=admin,cn=admin -preop.cert.admin.keysize.custom_size=2048 -preop.cert.admin.keysize.size=2048 -preop.cert.admin.profile=adminCert.profile -preop.hierarchy.profile=caCert.profile -preop.configModules.module0.userFriendlyName=NSS Internal PKCS #11 Module -preop.configModules.module0.commonName=NSS Internal PKCS #11 Module -preop.configModules.module0.imagePath=../img/clearpixel.gif -preop.configModules.module1.userFriendlyName=nCipher's nFast Token Hardware Module -preop.configModules.module1.commonName=nfast -preop.configModules.module1.imagePath=../img/clearpixel.gif -preop.configModules.module2.userFriendlyName=SafeNet's LunaSA Token Hardware Module -preop.configModules.module2.commonName=lunasa -preop.configModules.module2.imagePath=../img/clearpixel.gif -preop.configModules.count=3 -preop.module.token=Internal Key Storage Token -cs.state=0 -authType=pwd -instanceRoot=[PKI_INSTANCE_PATH] -machineName=[PKI_MACHINE_NAME] -instanceId=[PKI_INSTANCE_ID] -preop.pin=[PKI_RANDOM_NUMBER] -service.machineName=[PKI_MACHINE_NAME] -service.instanceDir=[PKI_INSTANCE_ROOT] -service.securePort=[PKI_AGENT_SECURE_PORT] -service.non_clientauth_securePort=[PKI_EE_SECURE_PORT] -service.unsecurePort=[PKI_UNSECURE_PORT] -service.instanceID=[PKI_INSTANCE_ID] -passwordFile=[PKI_INSTANCE_PATH]/conf/password.conf -passwordClass=com.netscape.cmsutil.password.PlainPasswordFile -multiroles=true -multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Adminstrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group -CrossCertPair._000=## -CrossCertPair._001=## CrossCertPair Import -CrossCertPair._002=## -CrossCertPair.ldap=internaldb -accessEvaluator.impl.group.class=com.netscape.cms.evaluators.GroupAccessEvaluator -accessEvaluator.impl.ipaddress.class=com.netscape.cms.evaluators.IPAddressAccessEvaluator -accessEvaluator.impl.user.class=com.netscape.cms.evaluators.UserAccessEvaluator -auths._000=## -auths._001=## new authentication -auths._002=## -auths.impl._000=## -auths.impl._001=## authentication manager implementations -auths.impl._002=## -auths.impl.AgentCertAuth.class=com.netscape.cms.authentication.AgentCertAuthentication -auths.impl.CMCAuth.class=com.netscape.cms.authentication.CMCAuth -auths.impl.NISAuth.class=com.netscape.cms.authentication.NISAuth -auths.impl.PortalEnroll.class=com.netscape.cms.authentication.PortalEnroll -auths.impl.TokenAuth.class=com.netscape.cms.authentication.TokenAuthentication -auths.impl.UdnPwdDirAuth.class=com.netscape.cms.authentication.UdnPwdDirAuthentication -auths.impl.UidPwdDirAuth.class=com.netscape.cms.authentication.UidPwdDirAuthentication -auths.impl.UidPwdPinDirAuth.class=com.netscape.cms.authentication.UidPwdPinDirAuthentication -auths.instance.AgentCertAuth.agentGroup=Certificate Manager Agents -auths.instance.AgentCertAuth.pluginName=AgentCertAuth -auths.instance.TokenAuth.pluginName=TokenAuth -auths.revocationChecking.bufferSize=50 -authz._000=## -authz._001=## new authorizatioin -authz._002=## -authz.evaluateOrder=deny,allow -authz.sourceType=ldap -authz.impl._000=## -authz.impl._001=## authorization manager implementations -authz.impl._002=## -authz.impl.BasicAclAuthz.class=com.netscape.cms.authorization.BasicAclAuthz -authz.impl.DirAclAuthz.class=com.netscape.cms.authorization.DirAclAuthz -authz.instance.BasicAclAuthz.pluginName=BasicAclAuthz -authz.instance.DirAclAuthz.ldap=internaldb -authz.instance.DirAclAuthz.pluginName=DirAclAuthz -authz.instance.DirAclAuthz.ldap._000=## -authz.instance.DirAclAuthz.ldap._001=## Internal Database -authz.instance.DirAclAuthz.ldap._002=## -cardcryptogram.validate.enable=true -cmc.cert.confirmRequired=false -cmc.lraPopWitness.verify.allow=true -cmc.revokeCert.verify=true -cmc.revokeCert.sharedSecret.class=com.netscape.cms.authentication.SharedSecret -cmc.sharedSecret.class=com.netscape.cms.authentication.SharedSecret -cms.version=@MAJOR_VERSION@.@MINOR_VERSION@ -dbs.ldap=internaldb -dbs.newSchemaEntryAdded=true -debug.append=true -debug.enabled=true -debug.filename=[PKI_INSTANCE_PATH]/logs/debug -debug.hashkeytypes= -debug.level=0 -debug.showcaller=false -keys.ecc.curve.list=nistp256,nistp384,nistp521,sect163k1,nistk163,sect163r1,sect163r2,nistb163,sect193r1,sect193r2,sect233k1,nistk233,sect233r1,nistb233,sect239k1,sect283k1,nistk283,sect283r1,nistb283,sect409k1,nistk409,sect409r1,nistb409,sect571k1,nistk571,sect571r1,nistb571,secp160k1,secp160r1,secp160r2,secp192k1,secp192r1,nistp192,secp224k1,secp224r1,nistp224,secp256k1,secp256r1,secp384r1,secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2 -keys.ecc.curve.display.list=nistp256 (secp256r1),nistp384 (secp384r1),nistp521 (secp521r1),nistk163 (sect163k1),sect163r1,nistb163 (sect163r2),sect193r1,sect193r2,nistk233 (sect233k1),nistb233 (sect233r1),sect239k1,nistk283 (sect283k1),nistb283 (sect283r1),nistk409 (sect409k1),nistb409 (sect409r1),nistk571 (sect571k1),nistb571 (sect571r1),secp160k1,secp160r1,secp160r2,secp192k1,nistp192 (secp192r1, prime192v1),secp224k1,nistp224 (secp224r1),secp256k1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2 -keys.ecc.curve.default=nistp256 -keys.rsa.keysize.default=2048 -internaldb._000=## -internaldb._001=## Internal Database -internaldb._002=## -internaldb.maxConns=15 -internaldb.minConns=3 -internaldb.ldapauth.authtype=BasicAuth -internaldb.ldapauth.bindDN=cn=Directory Manager -internaldb.ldapauth.bindPWPrompt=Internal LDAP Database -internaldb.ldapauth.clientCertNickname= -internaldb.ldapconn.host= -internaldb.ldapconn.port= -internaldb.ldapconn.secureConn=false -preop.internaldb.schema.ldif=/usr/share/[PKI_FLAVOR]/tks/conf/schema.ldif -preop.internaldb.ldif=/usr/share/[PKI_FLAVOR]/tks/conf/database.ldif -preop.internaldb.data_ldif=/usr/share/[PKI_FLAVOR]/tks/conf/db.ldif,/usr/share/[PKI_FLAVOR]/tks/conf/acl.ldif -preop.internaldb.index_ldif=/usr/share/[PKI_FLAVOR]/tks/conf/index.ldif -preop.internaldb.manager_ldif=/usr/share/[PKI_FLAVOR]/ca/conf/manager.ldif -preop.internaldb.post_ldif= -preop.internaldb.wait_dn= -internaldb.multipleSuffix.enable=false -jss._000=## -jss._001=## JSS -jss._002=## -jss.configDir=[PKI_INSTANCE_PATH]/alias/ -jss.enable=true -jss.secmodName=secmod.db -jss.ocspcheck.enable=false -jss.ssl.cipherfortezza=true -jss.ssl.cipherpref= -jss.ssl.cipherversion=cipherdomestic -log._000=## -log._001=## Logging -log._002=## -log.impl.file.class=com.netscape.cms.logging.RollingLogFile -log.instance.SignedAudit._000=## -log.instance.SignedAudit._001=## Signed Audit Logging -log.instance.SignedAudit._002=## -log.instance.SignedAudit._003=## -log.instance.SignedAudit._004=## Available Audit events: -log.instance.SignedAudit._005=## AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,LOG_EXPIRATION_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION -log.instance.SignedAudit._006=## -log.instance.SignedAudit.bufferSize=512 -log.instance.SignedAudit.enable=true -log.instance.SignedAudit.events=AUDIT_LOG_STARTUP,AUDIT_LOG_SHUTDOWN,ROLE_ASSUME,CONFIG_CERT_POLICY,CONFIG_CERT_PROFILE,CONFIG_CRL_PROFILE,CONFIG_OCSP_PROFILE,CONFIG_AUTH,CONFIG_ROLE,CONFIG_ACL,CONFIG_SIGNED_AUDIT,CONFIG_ENCRYPTION,CONFIG_TRUSTED_PUBLIC_KEY,CONFIG_DRM,SELFTESTS_EXECUTION,AUDIT_LOG_DELETE,LOG_PATH_CHANGE,PRIVATE_KEY_ARCHIVE_REQUEST,PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS,PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE,KEY_RECOVERY_REQUEST,KEY_RECOVERY_REQUEST_ASYNC,KEY_RECOVERY_AGENT_LOGIN,KEY_RECOVERY_REQUEST_PROCESSED,KEY_RECOVERY_REQUEST_PROCESSED_ASYNC,KEY_GEN_ASYMMETRIC,NON_PROFILE_CERT_REQUEST,PROFILE_CERT_REQUEST,CERT_REQUEST_PROCESSED,CERT_STATUS_CHANGE_REQUEST,CERT_STATUS_CHANGE_REQUEST_PROCESSED,AUTHZ_SUCCESS,AUTHZ_FAIL,INTER_BOUNDARY,AUTH_FAIL,AUTH_SUCCESS,CERT_PROFILE_APPROVAL,PROOF_OF_POSSESSION,CRL_RETRIEVAL,CRL_VALIDATION,CMC_SIGNED_REQUEST_SIG_VERIFY,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE,SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS,SERVER_SIDE_KEYGEN_REQUEST,COMPUTE_SESSION_KEY_REQUEST,COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS, COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE,DIVERSIFY_KEY_REQUEST,DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS, DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE,ENCRYPT_DATA_REQUEST,ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS,ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE,OCSP_ADD_CA_REQUEST,OCSP_ADD_CA_REQUEST_PROCESSED,OCSP_REMOVE_CA_REQUEST,OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS,OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE,COMPUTE_RANDOM_DATA_REQUEST,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS,COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE,CIMC_CERT_VERIFICATION -log.instance.SignedAudit.expirationTime=0 -log.instance.SignedAudit.fileName=[PKI_INSTANCE_PATH]/logs/signedAudit/tks_cert-tks_audit -log.instance.SignedAudit.flushInterval=5 -log.instance.SignedAudit.level=1 -log.instance.SignedAudit.logSigning=false -log.instance.SignedAudit.maxFileSize=2000 -log.instance.SignedAudit.pluginName=file -log.instance.SignedAudit.rolloverInterval=2592000 -log.instance.SignedAudit.signedAudit:_000=## -log.instance.SignedAudit.signedAudit:_001=## Fill in the nickname of a trusted signing certificate to allow TKS audit logs to be signed -log.instance.SignedAudit.signedAudit:_002=## -log.instance.SignedAudit.signedAuditCertNickname=auditSigningCert cert-[PKI_INSTANCE_ID] -log.instance.SignedAudit.type=signedAudit -log.instance.System._000=## -log.instance.System._001=## System Logging -log.instance.System._002=## -log.instance.System.bufferSize=512 -log.instance.System.enable=true -log.instance.System.expirationTime=0 -log.instance.System.fileName=[PKI_INSTANCE_PATH]/logs/system -log.instance.System.flushInterval=5 -log.instance.System.level=3 -log.instance.System.maxFileSize=2000 -log.instance.System.pluginName=file -log.instance.System.rolloverInterval=2592000 -log.instance.System.type=system -log.instance.Transactions._000=## -log.instance.Transactions._001=## Transaction Logging -log.instance.Transactions._002=## -log.instance.Transactions.bufferSize=512 -log.instance.Transactions.enable=true -log.instance.Transactions.expirationTime=0 -log.instance.Transactions.fileName=[PKI_INSTANCE_PATH]/logs/transactions -log.instance.Transactions.flushInterval=5 -log.instance.Transactions.level=1 -log.instance.Transactions.maxFileSize=2000 -log.instance.Transactions.pluginName=file -log.instance.Transactions.rolloverInterval=2592000 -log.instance.Transactions.type=transaction -logAudit.fileName=[PKI_INSTANCE_PATH]/logs/access -logError.fileName=[PKI_INSTANCE_PATH]/logs/error -oidmap.auth_info_access.class=netscape.security.extensions.AuthInfoAccessExtension -oidmap.auth_info_access.oid=1.3.6.1.5.5.7.1.1 -oidmap.challenge_password.class=com.netscape.cms.servlet.cert.scep.ChallengePassword -oidmap.challenge_password.oid=1.2.840.113549.1.9.7 -oidmap.extended_key_usage.class=netscape.security.extensions.ExtendedKeyUsageExtension -oidmap.extended_key_usage.oid=2.5.29.37 -oidmap.extensions_requested_pkcs9.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested -oidmap.extensions_requested_pkcs9.oid=1.2.840.113549.1.9.14 -oidmap.extensions_requested_vsgn.class=com.netscape.cms.servlet.cert.scep.ExtensionsRequested -oidmap.extensions_requested_vsgn.oid=2.16.840.1.113733.1.9.8 -oidmap.netscape_comment.class=netscape.security.x509.NSCCommentExtension -oidmap.netscape_comment.oid=2.16.840.1.113730.1.13 -oidmap.ocsp_no_check.class=netscape.security.extensions.OCSPNoCheckExtension -oidmap.ocsp_no_check.oid=1.3.6.1.5.5.7.48.1.5 -oidmap.pse.class=netscape.security.extensions.PresenceServerExtension -oidmap.pse.oid=2.16.840.1.113730.1.18 -oidmap.subject_info_access.class=netscape.security.extensions.SubjectInfoAccessExtension -oidmap.subject_info_access.oid=1.3.6.1.5.5.7.1.11 -os.serverName=cert-[PKI_INSTANCE_ID] -os.userid=nobody -registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg -selftests._000=## -selftests._001=## Self Tests -selftests._002=## -selftests._003=## The Self-Test plugin SystemCertsVerification uses the -selftests._004=## following parameters (where certusage is optional): -selftests._005=## tks.cert.list = <list of cert tag names deliminated by ","> -selftests._006=## tks.cert.<cert tag name>.nickname -selftests._007=## tks.cert.<cert tag name>.certusage -selftests._008=## -selftests.container.instance.TKSKnownSessionKey=com.netscape.cms.selftests.tks.TKSKnownSessionKey -selftests.container.instance.SystemCertsVerification=com.netscape.cms.selftests.common.SystemCertsVerification -selftests.container.logger.bufferSize=512 -selftests.container.logger.class=com.netscape.cms.logging.RollingLogFile -selftests.container.logger.enable=true -selftests.container.logger.expirationTime=0 -selftests.container.logger.fileName=[PKI_INSTANCE_PATH]/logs/selftests.log -selftests.container.logger.flushInterval=5 -selftests.container.logger.level=1 -selftests.container.logger.maxFileSize=2000 -selftests.container.logger.register=false -selftests.container.logger.rolloverInterval=2592000 -selftests.container.logger.type=transaction -selftests.container.order.onDemand=TKSKnownSessionKey:critical, SystemCertsVerification:critical -selftests.container.order.startup=TKSKnownSessionKey:critical, SystemCertsVerification:critical -selftests.plugin.TKSKnownSessionKey.CUID=#a0#01#92#03#04#05#06#07#08#c9 -selftests.plugin.TKSKnownSessionKey.TksSubId=tks -selftests.plugin.TKSKnownSessionKey.cardChallenge=#bd#6d#19#85#6e#54#0f#cd -selftests.plugin.TKSKnownSessionKey.hostChallenge=#77#57#62#e4#5e#23#66#7d -selftests.plugin.TKSKnownSessionKey.keyName=#01#01 -selftests.plugin.TKSKnownSessionKey.macKey=#40#41#42#43#44#45#46#47#48#49#4a#4b#4c#4d#4e#4f -selftests.plugin.TKSKnownSessionKey.sessionKey=#d1#be#b8#26#dc#56#20#25#8c#93#e7#de#f0#ab#4f#5b -selftests.plugin.TKSKnownSessionKey.token=Internal Key Storage Token -selftests.plugin.TKSKnownSessionKey.useSoftToken=true -selftests.plugin.SystemCertsVerification.SubId=tks -smtp.host=localhost -smtp.port=25 -subsystem.0.class=com.netscape.tks.TKSAuthority -subsystem.0.id=tks -subsystem.1.class=com.netscape.cmscore.selftests.SelfTestSubsystem -subsystem.1.id=selftests -subsystem.2.class=com.netscape.cmscore.util.StatsSubsystem -subsystem.2.id=stats -tks._000=## -tks._001=## TKS -tks._002=## -tks._003=## -tks._004=## -tks.debug=false -tks.defaultSlot=Internal Key Storage Token -tks.drm_transport_cert_nickname= -tks.master_key_prefix= -tks.tksSharedSymKeyName=sharedSecret -tks.useDefaultSlot=true -usrgrp._000=## -usrgrp._001=## User/Group -usrgrp._002=## -usrgrp.ldap=internaldb -tks.defKeySet._000=## -tks.defKeySet._001=## Axalto default key set: -tks.defKeySet._002=## -tks.defKeySet._003=## tks.defKeySet.mk_mappings.#02#01=<tokenname>:<nickname> -tks.defKeySet._004=## -tks.defKeySet.auth_key=#40#41#42#43#44#45#46#47#48#49#4a#4b#4c#4d#4e#4f -tks.defKeySet.mac_key=#40#41#42#43#44#45#46#47#48#49#4a#4b#4c#4d#4e#4f -tks.defKeySet.kek_key=#40#41#42#43#44#45#46#47#48#49#4a#4b#4c#4d#4e#4f -tks.jForte._000=## -tks.jForte._001=## SAFLink's jForte default key set: -tks.jForte._002=## -tks.jForte._003=## tks.jForte.mk_mappings.#02#01=<tokenname>:<nickname> -tks.jForte._004=## -tks.jForte.auth_key=#30#31#32#33#34#35#36#37#38#39#3a#3b#3c#3d#3e#3f -tks.jForte.mac_key=#40#41#42#43#44#45#46#47#48#49#4a#4b#4c#4d#4e#4f -tks.jForte.kek_key=#50#51#52#53#54#55#56#57#58#59#5a#5b#5c#5d#5e#5f -multiroles._000=## -multiroles._001=## multiroles -multiroles._002=## -multiroles.enable=true -multiroles.false.groupEnforceList=Administrators,Auditors,Trusted Managers,Certificate Manager Agents,Registration Manager Agents,Data Recovery Manager Agents,Online Certificate Status Manager Agents,Token Key Service Manager Agents,Enterprise CA Administrators,Enterprise KRA Administrators,Enterprise OCSP Administrators,Enterprise RA Administrators,Enterprise TKS Administrators,Enterprise TPS Administrators,Security Domain Administrators,Subsystem Group,ClonedSubsystems |