summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Added option to import client cert from CA.Endi S. Dewata2014-09-193-63/+122
| | | | | | | | | | | | A new option has been added to the client-cert-import command to import a certificate from CA by specifying the serial number. The client-cert-import has also been modified to get the nickname of the certificate to import from the CLI argument. For backward compatibility, if no argument is specified the CLI will try to get the nickname from the authentication option (-n). Ticket #1152
* Added option to import user cert from CA.Endi S. Dewata2014-09-191-13/+47
| | | | | | | | The user-cert-add CLI has been modified to provide an option to specify the serial number of the certificate to be imported from the CA. Ticket #1151
* Displaying request status in ca-cert-request-review.Endi S. Dewata2014-09-191-0/+4
| | | | | | | The ca-cert-request-review CLI has been modified to show the request status after completing the operation. Ticket #1149
* Added client-cert-request CLI.Endi S. Dewata2014-09-198-19/+230
| | | | | | | A new CLI has been added to simplify the process to request a user certificate for client certificate authentication. Ticket #1148
* Included java files needed for GenerateCRMFRequestAsha Akkiangady2014-09-1819-0/+5724
| | | | pki-qe-tools.jar is created.
* Added script to create role usersAsha Akkiangady2014-09-173-56/+114
| | | | for CA,KRA, OCSP and TKS subsystems
* ticket #1158 CMCRequest does not support internal tokenChristina Fu2014-09-161-1/+1
|
* Bug Verification automation scriptsRoshni Pattath2014-09-165-0/+1463
|
* Fix Debian specific paths to jackson jarsTimo Aaltonen2014-09-091-8/+8
|
* fix typo succesfully -> successfullyBenjamin Drung2014-09-093-3/+3
|
* Fix manpage errorsBenjamin Drung2014-09-099-25/+25
| | | | | This patch fixes manpage-has-errors-from-man and hyphen-used-as-minus-sign found by lintian tool on Debian.
* Add key automation scripts in Makefile and runtestNiranjan Mallapadi2014-09-092-0/+63
|
* Add pki key-template-find and show automationNiranjan Mallapadi2014-09-092-0/+162
| | | | Add pki key-template-find and pki key-template-show automation
* Add pki key-show automationNiranjan Mallapadi2014-09-091-0/+417
|
* Add pki key-request-show automationNiranjan Mallapadi2014-09-091-0/+410
|
* Add pki key-request-find automationNiranjan Mallapadi2014-09-091-0/+827
|
* Add pki key-mod automationNiranjan Mallapadi2014-09-091-0/+1209
|
* Add pki key-cli AutomationNiranjan Mallapadi2014-09-091-0/+80
|
* Add pki key-find automationNiranjan Mallapadi2014-09-091-0/+706
| | | | pki-key-cli-find-kra.sh Implements pki key-find automation
* Add pki key-generate automationNiranjan Mallapadi2014-09-091-0/+2293
| | | | | pki-key-cli-generate-kra.sh Implements pki key-generate functionality.
* Add function get_topo_stack to return subsystemsNiranjan Mallapadi2014-09-091-0/+38
| | | | | Add new function get_topo_stack to return subsystems of the current topology
* Add functions for symmetric key and passphraseNiranjan Mallapadi2014-09-091-0/+75
| | | | | Create a new file pki-key-cli-lib.sh to Add Functions to generate Symmetric key and archive passphrase
* Modified create_new_cert_request to add ROLE InfoNiranjan Mallapadi2014-09-091-1/+13
| | | | | | create_new_cert_request() in pki-cert-cli-lib.sh needed $MYROLE to fetch transport cert from the CA instance of the current topology to run CRMFPopClient
* Update release number for release build (10.2.0-2)Matthew Harmsen2014-09-071-16/+10
| | | | | | - Revised dependencies - Removed RA references - Changed Apache TPS references to Tomcat TPS references
* Update release number for release build (10.2.0-1)Matthew Harmsen2014-09-054-5/+29
|
* Ticket #882 - remove all certs belong to a token in tokendb before addChristina Fu2014-09-051-0/+9
|
* Fix public key print format in KeyCLI.Abhishek Koneru2014-09-041-5/+1
|
* Ticket #1146 Tomcat TPS: missing "keyType" for renewed certs in the cert recordsChristina Fu2014-09-041-5/+2
|
* Ticket #882 - delete certs associated to a token when token is removedChristina Fu2014-09-042-0/+30
|
* Check for null values in GetConfigEntriesAde Lee2014-09-041-4/+7
| | | | Ticket 1142
* Revert "Enabled certificate revocation checking by default."Endi S. Dewata2014-09-044-15/+1
| | | | | | | This reverts commit 223d15539b7bcc0df025025036af2935726e52e3. The patch does not work for subsystems installed on separate instance since it will require additional OCSP setup.
* Rename pki-tps-tomcat to pki-tpsMatthew Harmsen2014-09-03181-17/+16
| | | | * PKI TRAC Ticket #1017 - Rename pki-tps-tomcat to pki-tps
* TpsClient support for extensions.Jack Magne2014-09-031-5/+57
| | | | | | | | | | | TpsClient will now suport the ability to specify extensions in the script file. Ex: op=ra_format uid=jmagne pwd=netscape new_pin=netscape num_threads=1 extensions=tokenType=userKey Ticket # 1016.
* ticket #941 Rest interface triggered revoke/unrevoke and cert status update; ↵Christina Fu2014-09-036-39/+291
| | | | recovery
* Enabled certificate revocation checking by default.Endi S. Dewata2014-09-034-1/+15
| | | | | | | | The CS.cfg templates for all subsystems have been modified to enable certificate revocation checking during authentication. This will affect new installations only. Ticket #1117, #1134
* Integrate 'tpsclient' back into primary TPS packageMatthew Harmsen2014-09-027-355/+59
| | | | - PKI TRAC Ticket #1017 - Rename pki-tps-tomcat to pki-tps
* Remove Apache info from pkispawn and pkidestroyMatthew Harmsen2014-09-0216-276/+22
| | | | - PKI TRAC Ticket #1077 - Consider removing [Apache] section from 'default.cfg'
* ticket #882 unique certID for certificate recordsChristina Fu2014-09-023-16/+43
|
* Fix kra-connector-removeAde Lee2014-09-028-37/+94
| | | | | | | | | | | | | | | | | | | | The code to remove the connector from the pki CLI was found to be broken because of invalid message type (partly due to void returns). On uninstall, we need to remove the kra-connector from all relevant CA's in the security domain. The best way to do this is to keep kra-connector info in LDAP, so that only one call is needed. Until that change has been made, we are adding a hack to remove the connector from all CA's in the secutrity domain (if it exists). Due to issues with proxy configurations, we will continue to use sslget and a url-encoded-form version of the servlet. In addition, it was found that when removing a KRA from a shared subsystem, the updateDomainXML servlet was erroneously returning failure when it was unsuccessful in removing a non-existent user from a group. Ticket 1113
* Recovery and Renewal feature:Jack Magne2014-09-0210-252/+1166
| | | | | | | | | | | | | | | | | | 1. Basic token key recovery functionality is there. 2. Tested with mostly the "damaged" scenerio. The low level code that writes the recovered certs to the token works and has been tested with a real token. Some of the other more obscure cases need some more testing, for instance, the temporary on hold scenario. 3. Renewal has been tested with a real token to work. 4. Much of the complex code to write cert objects and key objects, as well as importing recovered keys, has been centralized to a method. This leaves the calling code simpler and easier to trouble shoot. 5. Added a method to check token operation transition states. 6. Fixed an issue with formatting a blank token I introduced. 7. Fixed a few issues with updating certificate records for a token that were discovered. 8. Added tps code to retrieve a certificate for the recovery case. 9. Minor Review fixes.
* Remove RA and pkicreate and pkisilent (fixed eclipse issue discovered by cfu)Matthew Harmsen2014-08-291-1/+0
| | | | | - PKI TRAC Ticket #1127 - Remove 'pki-ra', 'pki-setup', and 'pki-silent' packages . . .
* ticket 941 Renewal/Reenroll/Recovery/Renew policy 3rd cut; Renewal code; ↵Christina Fu2014-08-298-60/+588
| | | | RetrieveCert code
* Added routine to get subsytemId.Asha Akkiangady2014-08-293-346/+710
| | | | Added SSLServer cert input to pkispawn.
* Makes output of secrets consistent for all clients.Abhishek Koneru2014-08-296-25/+36
| | | | | | All the secrets/keys retrieved using the client API's using Java/python clients will be of the type - byte array. This applies to output of the retrieveKey method and the public key attribute of the KeyInfo object.
* Fixes for tickets 1087, 1089, 1090, 1091.Abhishek Koneru2014-08-297-20/+26
| | | | | Addresses upstream issues in the pki key-* CLI commands. Updates the man page in all the required cases.
* Fixed NPE in client-cert-import.Endi S. Dewata2014-08-282-3/+8
| | | | | | | The client-cert-import command has been modified to propertly initialize the CLI environment to avoid a null pointer exception. Ticket #1126
* Fixed problems with CLI authentication parameters.Endi S. Dewata2014-08-282-83/+80
| | | | | | | | | | | | | | | | | | | | Previously specifying a security database password in the CLI would require a certificate nickname to be specified as well. While this is correct for client certificate authentication, it caused a problem for operations that do not authenticate against the server such as client-init. The CLI has been modified to require a security database password only if the nickname is specified for client certificate authentication. Similar changes have been made to require user password only if the username is specified for basic authentication. The CLI also has been modified to store all specified parameters in the config object regardless of parameter validation. The manual page has been modified accordingly. Ticket #1125
* Remove RA and pkicreate and pkisilentMatthew Harmsen2014-08-28260-56520/+9
| | | | | - PKI TRAC Ticket #1127 - Remove 'pki-ra', 'pki-setup', and 'pki-silent' packages . . .
* Disable PKI GUI ConfigurationMatthew Harmsen2014-08-2812-257/+4
| | | | - PKI TRAC Ticket #1120 - Remove Firefox PKI GUI Configuration Panel Interface
* Added missing upgrade folders.Endi S. Dewata2014-08-272-0/+8
| | | | | | The current upgrade framework requires that all supported versions to upgrade from to have corresponding upgrade folders even though they might be empty. New empty folders have been added for 10.1.1.
generated by cgit (git 2.34.1) at 2025-10-02 18:13:56 +0000