summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Added log messages for certificate validation.Endi S. Dewata2016-08-052-29/+97
| | | | | | | | | | | | | | The ConfigCertApprovalCallback has been modified such that it logs the server certificate being validated and can be configured to ignore certain validation errors. The ConfigurationUtils has been modified to use the ConfigCertApprovalCallback to show and validate the server certificate in all GET and POST operations except for the importCertChain() in which the code needs to ignore untrusted issuer in order to get the certificate chain via SSL. https://fedorahosted.org/pki/ticket/2424
* Fix to sort the output of a cert search by serialno.Jack Magne2016-08-056-18/+197
|
* Added check for Subsystem data and request in 'pki-server subsystem-cert-export'Abhijeet Kasurde2016-08-051-3/+12
| | | | | | Partially fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1353245 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Fixed NumberFormatException in tps-cert-findGeetika Kapoor2016-08-051-4/+16
| | | | Signed-off-by: Geetika Kapoor <gkapoor@redhat.com>
* Ticket#2428 broken request links for CA's system certs in agent request viewingChristina Fu2016-08-041-1/+1
| | | | This patch fixes the issue that when an agent visit one of the CA's system cert request records, exception is thrown.
* Add pkispawn option to disable Master CRLAde Lee2016-08-044-1/+7
|
* Fixed problem creating links to PKI JAR files.Endi S. Dewata2016-08-032-6/+6
| | | | | | | | | | The CMake create_symlink command fails if the link target does not exist already. Since PKI JAR files may not exist at build time, the commands to create the links to those files have been replaced with the ln -sf command which will create the links regardless of the targets' existence. https://fedorahosted.org/pki/ticket/2403
* Fix deployment issueAde Lee2016-08-021-2/+5
| | | | | | | Need to put pki_server_side_keygen in a conditional to avoid breaking other subsystem deployments. Ticket 2418
* pki-tools man pages (spec file)Matthew Harmsen2016-08-011-3/+12
| | | | | | | | | | | * PKI TRAC Ticket #690 - [MAN] pki-tools man pages - AtoB, - AuditVerify, - BtoA, - DRMTool, - KRATool, - PrettyPrintCert, and - PrettyPrintCrl
* pki-tools man pagesMatthew Harmsen2016-08-015-0/+916
| | | | | | | | | * PKI TRAC Ticket #690 - [MAN] pki-tools man pages - AtoB, - BtoA, - KRATool, - PrettyPrintCert, and - PrettyPrintCrl
* Added log message in PKIClient.Endi S. Dewata2016-07-301-1/+10
| | | | | | | To help troubleshooting the PKIClient class has been modified to log the certificate chain retrieved from the CA. https://fedorahosted.org/pki/ticket/2399
* Fix client-cert-import to set provided trust bitsAde Lee2016-07-291-4/+12
| | | | Ticket 2412
* Do slot substitution for SERVER_KEYGENAde Lee2016-07-292-0/+3
| | | | Ticket 2418
* Re-license the python client files to LGPLv3Ade Lee2016-07-2921-110/+316
|
* Updated RESTEasy dependency on Fedora 24.Endi S. Dewata2016-07-291-4/+4
| | | | | | | The RPM spec for Fedora 24 has been updated to use RESTEasy 3.0.17 as in Fedora 25. https://fedorahosted.org/pki/ticket/2403
* Fixed SELinux contexts.Endi S. Dewata2016-07-283-2/+43
| | | | | | | | | | The deployment tool has been modified to set up SELinux contexts after all instance files have been created to ensure they have the correct contexts. An upgrade script has been added to fix existing instances. https://fedorahosted.org/pki/ticket/2421
* Added upgrade scripts to fix server library.Endi S. Dewata2016-07-284-0/+58
| | | | | | | | An upgrade script has been added to replace the <instance>/common in existing instances with a link to /usr/share/pki/server/common which contains links to server dependencies. https://fedorahosted.org/pki/ticket/2403
* Make starting CRL Number configurable.Jack Magne2016-07-275-20/+69
| | | | | | | | | | | | | | | | | | | | | | | | | Ticket #2406 Make starting CRL Number configurable This simple patch provides a pkispawn config param that passes some starting crl number value to the config process. Here is a sample: [CA] pki_ca_starting_crl_number=4000 After the CA comes up the value of "crlNumber" in the db will reflect that value of 4000. Currently no other values are changed. We can talk about if we need more values reset in the given case. Also, this creates a setting in the CS.cfg ca.crl.MasterCrl.startingCrlNumber=4000 This setting is only consulted when the crl Issuing Point record is created for the first time.
* Bugzilla 1330755 fix 'bashism' in test bash to shbhavik bhavsar2016-07-26381-401/+401
|
* RPM spec changes for removing hard-coded paths in deployment tool.Endi S. Dewata2016-07-261-0/+23
| | | | https://fedorahosted.org/pki/ticket/2403
* Removed hard-coded paths in deployment tool.Endi S. Dewata2016-07-264-297/+54
| | | | | | | | | The deployment tool has been modified to link <instance>/common to /usr/share/pki/server/common instead of creating separate links for each dependency. This allows the RPM spec to customize the links for different platforms. https://fedorahosted.org/pki/ticket/2403
* RPM spec changes for removing hard-coded paths in pki CLI.Endi S. Dewata2016-07-261-0/+39
| | | | https://fedorahosted.org/pki/ticket/2403
* Removed hard-coded paths in pki CLI.Endi S. Dewata2016-07-263-39/+52
| | | | | | | | | | The pki CLI has been modified to use java.ext.dirs property to load the dependencies instead of listing them individually. The dependencies are stored as links in /usr/share/pki/lib folder. This allows the RPM spec to customize the links for different platforms. https://fedorahosted.org/pki/ticket/2403
* Removed hard-coded paths in pki.policy.Endi S. Dewata2016-07-262-131/+17
| | | | | | | | | The operations script has been modified to generate pki.policy dynamically from links in the <instance>/common/lib directory. This allows the pki.policy to match the actual paths in different platforms. https://fedorahosted.org/pki/ticket/2403
* Added CMake target dependencies.Endi S. Dewata2016-07-267-1/+8
| | | | | | | | | | To help troubleshooting build issues, some CMake dependencies have been added to some targets even though the actual codes do not require those dependencies. This will ensure the targets are built sequentially so build failures can be found more easily at the end of the build log. https://fedorahosted.org/pki/ticket/2403
* Allow PrettyPrintCert to process HEADERs and TRAILERs.Matthew Harmsen2016-07-221-2/+2
| | | | | * PKI TRAC Ticket #2399 - Dogtag 10.3.5: Miscellaneous Enhancements Checked-in under one-liner/trivial rule.
* Stop using a java8 only constant. Will allow compilation with java7.Jack Magne2016-07-221-1/+3
| | | | Trivial fix.
* Fixed param substitution problem.Endi S. Dewata2016-07-221-2/+2
| | | | | | | The string splice operation in substitute_deployment_params() has been fixed to include the rest of the string. https://fedorahosted.org/pki/ticket/2399
* Fixed error handling in SystemConfigService.Endi S. Dewata2016-07-201-6/+6
| | | | | | | | To help troubleshooting the SystemConfigService has been modified to chain the original exception and to log stack trace into the debug log. https://fedorahosted.org/pki/ticket/2399
* Fixed pkispawn installation summary.Endi S. Dewata2016-07-201-4/+3
| | | | | | | | | The pkispawn installation summary has been modified not to show the admin certificate nickname and NSS database if pki_client_database_purge or pki_clone is set to true since the NSS database will not be created in those cases. https://fedorahosted.org/pki/ticket/2399
* Removed redundant question in interactive pkispawn.Endi S. Dewata2016-07-201-4/+4
| | | | | | | | The pkispawn has been modified such that if the admin selects to import the admin certificate the admin will not be asked where to export the certificate. https://fedorahosted.org/pki/ticket/2399
* Ticket #2246 [MAN] Man Page: AuditVerifyChristina Fu2016-07-151-0/+110
| | | | This patch contains the man page for AuditVerify.
* Fixed cert usage list in pki client-cert-validate.Endi S. Dewata2016-07-152-1/+8
| | | | | | | | The pki client-cert-validate has been modified to add the missing EmailRecipient and to list the supported cert usages. https://fedorahosted.org/pki/ticket/2376 https://fedorahosted.org/pki/ticket/2399
* [MAN] Apply 'generateCRMFRequest() removed from Firefox' workarounds to ↵Jack Magne2016-07-144-2/+178
| | | | | | | | | | | | appropriate 'pki' man page This fix will involve the following changes to the source tree. 1. Fixes to the CS.cfg to add two new cert profiles. 2. Make the caDualCert.cfg profile invisible since it has little chance of working any more in Firefox. 3. Create caSigningUserCert.cfg and caSigningECUserCert.cfg to allow the CLI to have convenient profiles from which to enroll signing ONLY certificates.
* Fix conflict in file ownership in pki-base and pki-serverMatthew Harmsen2016-07-141-0/+2
| | | | * PKI TRAC Ticket #2402 - Conflict in file ownership in pki-base and pki-server
* Fixed certificate validation error message.Endi S. Dewata2016-07-141-1/+1
| | | | | | | The pkihelper.py has been modified to display the correct external command name on system certificate validation error. https://fedorahosted.org/pki/ticket/2399
* Added fix for pki-server for db-updateGeetika Kapoor2016-07-141-2/+2
| | | | | | | fixes: https://fedorahosted.org/pki/ticket/1667 Signed-off-by: Geetika Kapoor <gkapoor@redhat.com> Reviewed-by: Fraser Tweedale <ftweedal@redhat.com>
* Ticket #2389 fix for regular CA installationChristina Fu2016-07-111-6/+11
| | | | This patch addresses the issue that with the previous patch, the regular (non-external and non-existing) CA installation fails.
* Added 'hostname' as a runtime requirement to pki-serverMatthew Harmsen2016-07-111-0/+1
| | | | | * PKI TRAC Ticket #2401 - pkispawn calls dnsdomainname even if it does not rpm-require hostname
* Ticket #978 PPS connector man page: add revocation routing infoChristina Fu2016-07-081-1/+22
|
* Fixed pki pkcs12-import output.Endi S. Dewata2016-07-071-1/+4
| | | | | | | | The pki pkcs12-import has been modified to suppress the output of external command execution and display a completion message more consistently. https://fedorahosted.org/pki/ticket/2399
* Fixed problem with pki pkcs12-import --no-trust-flags.Endi S. Dewata2016-07-071-3/+0
| | | | | | | | The pki pkcs12-import CLI has been fixed such that when it calls pki pkcs12-cert-find internally it does not add --no-trust-flags option. https://fedorahosted.org/pki/ticket/2399
* Added general exception handling for pki-server CLI.Endi S. Dewata2016-07-061-0/+6
| | | | | | | | The pki-server CLI has been modified to catch all exceptions and display a simple exception message. In verbose mode it will display the stack trace. https://fedorahosted.org/pki/ticket/2381
* Added validation for pki client-cert-request sensitive parameter.Endi S. Dewata2016-07-061-0/+3
| | | | | | | The pki client-cert-request CLI has been modified to validate the boolean sensitive parameter. https://fedorahosted.org/pki/ticket/2383
* Added validation for pki client-cert-request extractable parameter.Endi S. Dewata2016-07-061-0/+3
| | | | | | | The pki client-cert-request CLI has been modified to validate the boolean extractable parameter. https://fedorahosted.org/pki/ticket/2383
* Fixed CLI error message on connection problemsEndi S. Dewata2016-07-061-1/+12
| | | | | | | The CLI has been modified to display the actual error message instead of generic ProcessingException. https://fedorahosted.org/pki/ticket/2377
* Fixed exception chain in SigningUnit.init().Endi S. Dewata2016-07-063-19/+32
| | | | | | | The SigningUnit.init() has been modified to chain the exceptions to help troubleshooting. https://fedorahosted.org/pki/ticket/2399
* Added instance and subsystem validation for pki-server subsystem-* commands.Abhijeet Kasurde2016-07-061-13/+53
| | | | | | | The pki-server subsystem-* commands have been updated to validate the instance and subsystem before proceeding with the operation. https://fedorahosted.org/pki/ticket/2399
* Updated version number to 10.3.5-0.1Matthew Harmsen2016-07-054-4/+16
|
* Updated version number to 10.3.5-0.1Matthew Harmsen2016-07-053-3/+3
|
generated by cgit (git 2.34.1) at 2025-09-27 21:02:48 +0000