| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The pkispawn and pkicreate have been updated to deploy the
combined images and CSS files from the common-ui into /pki/images
and /pki/css.
The common Velocity templates and JavaScript files still need to
be deployed from the <subsystem>-ui packages into each subsystem.
Ticket #328
|
|
|
|
|
|
|
| |
The theme images and CSS files have been copied from all subsystems
and merged into the common-ui.
Ticket #328
|
|
|
|
|
|
|
| |
The CMakeLists.txt for pkisilent has been fixed to remove references
to subca_silent.template.
Ticket #398
|
|
|
|
|
| |
This fixes an error in a previous commit which breaks creation
and removal of non-CA subsystems
|
|
|
|
| |
Ticket 411
|
|
|
|
| |
Ticket 412
|
| |
|
|
|
|
| |
* TRAC Ticket #398 - Move default location for client certificate databas
|
|
|
|
|
|
| |
* TRAC Ticket #395 - Dogtag 10: Add a Tomcat 7 runtime requirement to
'pki-server'
* TRAC Ticket #398 - Move default location for client certificate database
|
|
|
|
| |
* TRAC Ticket #185 - Dogtag 10: Update PKI Deployment to handle subordinate CA
|
|
|
|
|
|
|
|
|
| |
Previously ACL checking was done in PKIRealm by matching the URL.
This code has been replaced by ACLInterceptor which will intercept
RESTEasy method invocations. This allows more precise mapping of
REST methods to ACL entries in acl.ldif.
Ticket #287
|
|
|
|
| |
* Dogtag TRAC Ticket #402 - pki-core is FTBFS on ARM
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the theme files are copied into each subsystem during
deployment creating duplicates. To reduce the problem the files
should be combined into a common folder /pki.
The process will be done over several patches. Initially this patch
will copy the images and CSS files into /pki/images and /pki/css.
Subsequent patches will update references to these files to the new
location. When it's done, the files no longer need to be copied
into each subsystem.
Ticket #328
|
|
|
|
|
| |
Sometimes importing the ascii admin cert into th client certdb fails.
The binary always appears to work though.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this patch, it will be possible to install a default instance
simply by adding the passwords in the pkideployment.cfg. This file
can then be used without additional alteration to add subsystems to the
same instance, by re-running pkispawn against the config file.
The patch makes sure that cert nicknames, database and baseDN , admin users
and client db are unique per subsystem. An option is added to reuse the
existing server cert generated by the first subsystem and copy the
required data to all subsystems.
Ticket 379, 385
|
|
|
|
|
|
|
|
| |
The CertPrettyPrint has been modified to use the standard names
for message digests so that it will work with standard security
provider.
Ticket #392
|
|
|
|
|
|
|
| |
The wrappers for PrettyPrintCert and PrettyPrintCrl has been fixed
to include the class names.
Ticket #381
|
| |
|
| |
|
|
|
|
|
| |
* TRAC Ticket #286 - Dogtag 10: Create parameter for optionally allowing
a user to skip configuration . . .
|
| |
|
|
|
|
| |
* TRAC Ticket #350 - Dogtag 10: Remove version numbers from PKI jar files . . .
|
|
|
|
|
|
|
|
| |
The web.xml in KRA has been modified to enable the authentication
for key and key request services. Some tools have been added to
access the services via command-line.
Ticket #376
|
|
|
|
|
|
|
|
| |
Some synchronized methods in CertificateRepository may block
modifyCeritifcateRecord() too long, so they have been moved
into CRLIssuingPoint and CertStatusUpdateThread.
Ticket #313
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The tomcat.conf and the template deployment configuration have been
modified to enable the security manager. The operations script has
been modified to generate a new catalina.policy from the standard
Tomcat policy, the standard PKI policy and the custom policy every
time the instance is started.
The current catalina.policy has been changed to store a header for
the dynamically generated catalina.policy. A new pki.policy has been
added to store the default PKI security policy. An empty
custom.policy has been added to store policy customization.
Ticket #223
|
|
|
|
|
|
|
| |
The GetDomainXML servlet has been refactored to use the new
SecurityDomainProcessor.
Ticket #309
|
|
|
|
|
|
|
|
| |
The REST interface for security domain has been updated to provide
a method to get the domain info. A CLI has been provided to access
this method.
Ticket #309
|
|
|
|
|
|
|
| |
The REST account service has been added to TKS and OCSP to enable
authentication.
Ticket #375
|
|
|
|
| |
Ticket 369
|