summaryrefslogtreecommitdiffstats
path: root/pki/base/tps/doc/CS.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/tps/doc/CS.cfg')
-rw-r--r--pki/base/tps/doc/CS.cfg19
1 files changed, 17 insertions, 2 deletions
diff --git a/pki/base/tps/doc/CS.cfg b/pki/base/tps/doc/CS.cfg
index 1fbbf98f6..46b194efd 100644
--- a/pki/base/tps/doc/CS.cfg
+++ b/pki/base/tps/doc/CS.cfg
@@ -71,7 +71,10 @@ logging.debug.filename=[SERVER_ROOT]/logs/tps-debug.log
logging.debug.level=7
logging.audit.enable=true
logging.audit.filename=[SERVER_ROOT]/logs/tps-audit.log
+logging.audit.signedAuditFilename=[SERVER_ROOT]/logs/signedAudit/tps_audit
logging.audit.level=10
+logging.audit.logSigning=false
+logging.audit.signedAuditCertNickname=auditSigningCert cert-[INSTANCE_ID]
logging.error.enable=true
logging.error.filename=[SERVER_ROOT]/logs/tps-error.log
logging.error.level=10
@@ -301,9 +304,10 @@ preop.product.version=
preop.cert._000=#########################################
preop.cert._001=# Installation configuration "preop" certs parameters
preop.cert._002=#########################################
-preop.cert.list=sslserver,subsystem
+preop.cert.list=sslserver,subsystem,audit_signing
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
+preop.cert.audit_signing.enable=false
preop.cert.sslserver.defaultSigningAlgorithm=SHA1withRSA
preop.cert.sslserver.dn=CN=[SERVER_NAME], OU=[INSTANCE_ID]
preop.cert.sslserver.keysize.customsize=2048
@@ -326,6 +330,17 @@ preop.cert.subsystem.subsystem=tps
preop.cert._005=#preop.cert.subsystem.type=local
preop.cert.subsystem.userfriendlyname=Subsystem Certificate
preop.cert._006=#preop.cert.subsystem.cncomponent.override=true
+preop.cert.audit_signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.audit_signing.dn=CN=TPS Audit Signing Certificate, OU=[INSTANCE_ID]
+preop.cert.audit_signing.keysize.customsize=2048
+preop.cert.audit_signing.keysize.size=2048
+preop.cert.audit_signing.keysize.select=custom
+preop.cert.audit_signing.nickname=auditSigningCert cert-[INSTANCE_ID]
+preop.cert.audit_signing.profile=caInternalAuthAuditSigningCert
+preop.cert.audit_signing.subsystem=tps
+preop.cert._005=#preop.cert.audit_signing.type=local
+preop.cert.audit_signing.userfriendlyname=Subsystem Certificate
+preop.cert._006=#preop.cert.audit_signing.cncomponent.override=true
preop.configModules._000=#########################################
preop.configModules._001=# Installation configuration "preop" module parameters
preop.configModules._002=#########################################
@@ -1331,7 +1346,7 @@ tokendb._063=# - If present, re-enrollment is allowed when RE_ENROLL
tokendb._064=# is set to YES. Otherwise, re-enrollment is not
tokendb._065=# allowed.
tokendb._066=#########################################
-tokendb.auditLog=[SERVER_ROOT]/[INSTANCE_ID]/logs/tokendb-audit.log
+tokendb.auditLog=[SERVER_ROOT]/[SERVER_INSTANCE]/logs/tokendb-audit.log
tokendb.hostport=[TOKENDB_HOST]:[TOKENDB_PORT]
tokendb.ssl=false
tokendb.bindDN=cn=Directory Manager
generated by cgit (git 2.34.1) at 2024-09-21 01:18:19 +0000