pki.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fixed default CA cert trust flags in pki CLI.	Endi S. Dewata	2017-06-03	1	-1/+1
\| \| \| \| \| \| \| \| \|	The pki CLI has been modified to use CT,C,C as the default trust flags for CA certificate import operations. https://pagure.io/dogtagpki/issue/2726 Change-Id: I68c5a0303459319cc746a77703d0a420f4f68377
*	Fixed pylint issues	Matthew Harmsen	2017-06-02	1	-2/+2
\| \| \| \|	- https://pagure.io/dogtagpki/issue/2713 - Build failure due to Pylint issues
*	Fixed problem with --ignore-banner option.	Endi S. Dewata	2017-05-20	1	-0/+10
\| \| \| \| \| \| \| \| \|	The pki CLI has been modified to parse the --ignore-banner option properly and pass it only to Java-based CLI commands. https://pagure.io/dogtagpki/issue/2683 Change-Id: Ifc3e98f74682a2fb4daeea16e86f495515a2d1f5
*	Exporting environment variables for PKI client.	Endi S. Dewata	2017-03-16	1	-21/+5
\| \| \| \| \|	The default pki.conf has been modified to export the environment variables such that they can be used by PKI client.
*	Added cascading configuration for PKI CLI.	Endi S. Dewata	2017-03-15	1	-0/+236
\| \| \| \| \| \| \| \| \|	The PKI CLI has been modified to support cascading configuration files: default, system-wide, and user-specific configuration. The existing Python-based PKI CLI was moved into pki.cli.main module. A new shell script was added as a replacement which will read the configuration files and invoke the Python module.
*	Re-license the python client files to LGPLv3	Ade Lee	2016-07-29	2	-12/+14
\|
*	Fixed pki pkcs12-import output.	Endi S. Dewata	2016-07-07	1	-1/+4
\| \| \| \| \| \| \| \|	The pki pkcs12-import has been modified to suppress the output of external command execution and display a completion message more consistently. https://fedorahosted.org/pki/ticket/2399
*	Fixed problem with pki pkcs12-import --no-trust-flags.	Endi S. Dewata	2016-07-07	1	-3/+0
\| \| \| \| \| \| \| \|	The pki pkcs12-import CLI has been fixed such that when it calls pki pkcs12-cert-find internally it does not add --no-trust-flags option. https://fedorahosted.org/pki/ticket/2399
*	Fixed KRA cloning issue.	Endi S. Dewata	2016-06-29	1	-1/+18
\| \| \| \| \| \| \| \| \| \| \| \| \|	The pki pkcs12-import CLI has been modified not to import certificates that already exist in the NSS database unless specifically requested with the --overwrite parameter. This will avoid changing the trust flags of the CA signing certificate during KRA cloning. The some other classes have been modified to provide better debugging information. https://fedorahosted.org/pki/ticket/2374
*	Fixed pki pkcs12-import backward compatibility.	Endi S. Dewata	2016-04-08	1	-1/+6
\| \| \| \| \| \| \| \| \| \| \| \| \|	For backward compatibility the pki pkcs12-import has been modified to generate default nicknames and trust flags for CA certificates if they are not specified in the PKCS #12 file. The PKCS12Util was also modified to find the certificate corresponding to a key more accurately using the local ID instead of the subject DN. The configuration servlet has been modified to provide better debugging information when updating the security domain. https://fedorahosted.org/pki/ticket/2255
*	Added support for cloning 3rd-party CA certificates.	Endi S. Dewata	2016-03-18	1	-66/+115
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The installation code has been modified such that it imports all CA certificates from the PKCS #12 file for cloning before the server is started using certutil. The user certificates will continue to be imported using the existing JSS code after the server is started. This is necessary since JSS is unable to preserve the CA certificate nicknames. The PKCS12Util has been modified to support multiple certificates with the same nicknames. The pki pkcs12-cert-find has been modified to show certificate ID and another field indicating whether the certificate has a key. The pki pkcs12-cert-export has been modified to accept either certificate nickname or ID. The pki pkcs12-import has been modified to provide options for importing only user certificates or CA certificates. https://fedorahosted.org/pki/ticket/1742
*	Renamed PKCS #12 options for consistency.	Endi S. Dewata	2016-03-18	1	-13/+13
\| \| \| \| \| \| \|	The pki CLI's --pkcs12 options has been renamed to --pkcs12-file for consistency with pki-server CLI options. https://fedorahosted.org/pki/ticket/1742
*	Fix pylint 1.5 violation in new pki.cli.pkcs12 module	Christian Heimes	2016-02-29	1	-4/+2
\| \| \| \| \| \|	************* Module pki.cli.pkcs12 E:160,43: Value 'cert_info' doesn't support membership test (unsupported-membership-test)
*	Added workaround for JSS limitation in pki pkcs12-import.	Endi S. Dewata	2016-02-26	1	-0/+127
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Currently JSS is unable to import CA certificates while preserving their nicknames. As a workaround, the pki pkcs12-import has been modified such that it exports individual CA certificates from PKCS The remaining user certificates will continue to be imported using JSS. A new pki pkcs12-cert-export command has been added to export individual certificates from PKCS #12 file into PEM files. The pki pkcs12-import has been modified to take a list of nicknames of the certificates to be imported into NSS database. https://fedorahosted.org/pki/ticket/1742
*	Added Python wrapper for pki pkcs12-import.	Endi S. Dewata	2016-02-26	2	-0/+327
	A Python wrapper module has been added for the pki pkcs12-import command to provide a mechanism to implement a workaround for JSS import limitation. Additional fixes by cheimes have been merged into this patch: setup.py: We must track all sub-packages manually. pylint-build-scan.py: pylint confuses the 'pki' package with the 'pki' command. The workaround symlinks the command and analysis the command under its alternative name. https://fedorahosted.org/pki/ticket/1742