| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
The duplicate common source code in the console package have
been removed. Note that the binaries are still duplicated in
the pki-certsrv.jar and pki-console.jar.
Ticket #113
|
|
|
|
|
|
|
| |
The console build script has been modified such that it uses the
com.netscape.certsrv.common source code from the common package.
Ticket #113, #62
|
|
|
|
|
|
|
|
| |
The build scripts for util and common packages have been modified
to use the new Java CMake library to automatically find the source
codes and build the binaries.
Ticket #62
|
|
|
|
|
|
|
|
|
|
| |
A new javadoc function has been added into Java CMake script. The
function supports generating Javadoc for Java packages including
all subpackages in it. It also support package exclusion. This way
it's no longer necessary to specify the entire list of packages or
source codes.
Ticket #62
|
|
|
|
|
|
|
| |
The Java CMake scripts has been modified to support excluding some
files from compilation or JAR packaging.
Ticket #62
|
|
|
|
|
|
| |
Allows the user to send a certificate request through cli.
Command : pki cert-request-submit <filename>
|
|
|
|
| |
hard-coded "ca/" so that this code works with BOTH 'pkicreate' AND 'pkispawn'.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* In 'catalina.properties', removed commented out jars
for each of the subsystems in the 'common.loader'
* In 'server.xml', removed the line containing a '1'
* Moved all parameters from the [Mandatory] and [Optional]
sections of the 'pkideployment.cfg' file to other more
appropriate sections (e.g. - [Common], [CA], [KRA], etc.),
and removed these sections and all of their associated
logic from the 'pki-deploy' package
* Resolved Dogtag TRAC Ticket #225
Dogtag 10: Move "pkispawn"/"pkidestroy" logs
* Removed all security domain references from
external CA logic
* Added new 'pki_subsystem_name' parameter to
'pkideployment.cfg' file, and applied logic
throughout 'pki-deploy'
* Added new error message in the case of an
unset DNS domain name, and replaced the
log message with a simple print in the
case of a 'domainname' exception
|
|
|
|
|
|
|
|
|
| |
Saved Admin Certificate, imported it into NSS client security databases, and
exported it to a PKCS #12 file such that it may be imported into a browser.
TRAC Ticket #221
Dogtag 10: Create a PKCS #12 file containing the Admin Certificate
(https://fedorahosted.org/pki/ticket/221)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Integration of Tomcat 7
* Introduction of dependency upon tomcatjss 7.0
* Removal of http filtering configuration mechanisms
* Introduction of additional slot substitution to
support revised filesystem layout
* Addition of 'pkiuser' uid:gid creation methods
* Inclusion of per instance '*.profile' files
* Introduction of configurable 'configurationRoot'
parameter
* Introduction of default configuration of 'log4j'
mechanism (alee)
* Modify web.xml to use new Application classes to
bootstrap servers (alee)
* Introduction of "Wrapper" logic to support
Tomcat 6 --> Tomcat 7 API change (jmagne)
* Added jython helper function to allow attaching
a remote java debugger (e. g. - eclipse)
|
|
|
|
|
|
|
|
|
|
|
| |
New Java CMake library has been added to find the source
codes automatically so it's no longer necessary to maintain
the list of source codes in the build script. The library
also provides separate functions to compile, package, and
create symbolic links allowing more flexibility over the
build process.
Ticket #62
|
|
|
|
|
|
|
|
|
|
| |
Due to packaging issue the source code in com.netscape.certsrv.common
were duplicated into common and console packages and over time they
have become out-of-sync. This patch merges the changes such that they
are now identical. When the packaging issue is fixed later the
duplicate copy can be removed.
Ticket #113
|
| |
|
| |
|
|
|
|
|
|
| |
This patch provides fix to OCSP agent inability of removing a CA from the List of Certificate Authorities in some circumstances.
Bug: 837124.
|
| |
|
| |
|
|
|
|
|
|
|
| |
The CertRestClient has been fixed to pass the client certificate nickname
to the CMSRestClient class to configure the SSLSocket properly.
Ticket #161
|
|
|
|
|
|
|
| |
The ConfigurationRESTClient has been modified to extend CMSRestClient
to address error handling issue in ConfigurationTest.
Ticket #218
|
|
|
|
|
|
|
| |
The DoRevoke and DoUnrevoke servlets have been refactored to use
the RevocationProcessor.
Ticket #161
|
|
|
|
|
|
| |
The cert revocation CLI provides a tool to revoke and unrevoke certificates.
Ticket #161
|
|
|
|
|
|
|
| |
The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets.
It provides an interface to manage certificate revocation.
Ticket #161
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
The RequestStatus has been modified to use a map to convert string
into RequestStatus instance. The string constants in RequestStatus
are no longer needed because instances can be compared using
equal sign directly or equals().
Ticket #161
|
| |
|
|
|
|
|
|
| |
This patch provides verification of revocation reasons and proper handling for removeFromCRLrevocation reason.
Bug: 441354.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Refactored ProfileSubmitServlet to make the flow clearer. Both the legacy servlets
and the new RESTful servlets use common ProfileProcessor objects that contain the main
business logic, so that the amount of duplicated code is minimized.
Refactored ProfileProcessServlet to use the new common classes.
Addressed review comments. Removed an unneeded class and reverted some unneeded jaxb
annotations. Added factory methods.
|
| |
|
| |
|
|
|
|
| |
Coverity fix for Forward NULL cases in DogTag 10.
|
|
|
|
| |
Addressed review coments.
|
|
|
|
|
|
|
| |
A new getEntity() method has been added to obtain the entity from
a Response object and also map HTTP errors into exceptions.
Ticket #161
|
|
|
|
|
|
|
|
|
|
| |
Generally the user LDAP entry does not contain a seeAlso attribute
unless it's a special database user. The UGSubsystem.removeUserCert()
would fail because it tried to remove the seeAlso attribute. Now the
code has been fixed to remove the seeAlso using a separate modify
operation and ignore the error if it fails due to missing attribute.
Ticket #182
|
| |
|
| |
|
|
|
|
|
|
|
| |
The X500Name and RDN have been modified to fix the incorrect method
signature for equals() and the missing hashCode().
Ticket #206
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously HTTPClient.sslConnect() would return a null if there is
a connection issue. Some code in pkisilent did not check the return
value properly so it would throw an exception. The sslConnect() has
been modified to throw an exception instead.
Ticket #180
|
|
|
|
| |
REVERSE_INULL,Wrong_Map_Iterators
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
This patch provides a tool to manage groups and group members via
command line.
Ticket #160
|
|
|
|
|
|
|
| |
The group REST service is based on UsrGrpAdminServlet. It provides an interface
to manage groups and group members.
Ticket #160
|
|
|
|
|
|
| |
The user CLI provides a tool to manage users and user certificates.
Ticket #160
|