summaryrefslogtreecommitdiffstats
path: root/base/common/share/etc
Commit message (Collapse)AuthorAgeFilesLines
* Enabling all subsystems on startup.Endi S. Dewata2017-05-231-0/+6
| | | | | | | | | | | The operations script has been modified to enable all subsystems on startup by default. If the selftest fails, the subsystem will be shutdown again automatically as before. A pki.conf option has been added to configure this behavior. https://pagure.io/dogtagpki/issue/2699 Change-Id: Iaf367ba2d88d73f377662eee5eafbb99e088ae50
* Change CRMFPopClient to use AES-KeyWrap with paddingAde Lee2017-03-241-0/+16
| | | | | | | | | | | | | | | | | | Also made a couple of small changes to WrappingParams. * Set the wrapIV to null when AES KeyWrap is used. Trying to unpack the PKIArchiveOptions package with this IV set to null fails. * removed superfluous this modifiers. Added a parameter KEY_WRAP_PARAMETER_SET which is set in /etc/pki/pki.conf. If this parameter is set to 0, we will use the old DES3 algorithms. This can be set by clients talking to old servers. CRMFPopClient has the ability to automatically submit requests to a CA. In this case, we shouldcontact the server and determine the version using InfoClient, and choose the algorithm accordingly. We will implement this in a separate patch. Change-Id: Ib4a99545cb59b62a96c272311595e96dda10979e
* Added support for disabling SSL ciphers in pki.conf.Endi S. Dewata2017-03-211-1/+2
| | | | | The CryptoUtil.setSSLCiphers() has been modified to support a "-" sign in front of the cipher name or ID to disable the cipher.
* Added support for hex cipher IDs in pki.conf.Endi S. Dewata2017-03-211-1/+1
| | | | | The CryptoUtil.setSSLCipher() has been modified to support ciphers specified using hex ID.
* Added pki.conf parameter for default SSL ciphers.Endi S. Dewata2017-03-191-0/+5
| | | | | A new parameter has been added to pki.conf to enable/disable the default SSL ciphers for PKI CLI.
* Added pki.conf parameter for SSL ciphers.Endi S. Dewata2017-03-191-0/+7
| | | | | A new parameter has been added to pki.conf to configure the SSL ciphers used by PKI CLI in addition to the default ciphers.
* Added configuration parameters for SSL version ranges.Endi S. Dewata2017-03-191-0/+14
| | | | | The hard-coded SSL version ranges in PKI CLI have been converted into configurable parameters in the pki.conf.
* Exporting environment variables for PKI client.Endi S. Dewata2017-03-161-0/+8
| | | | | The default pki.conf has been modified to export the environment variables such that they can be used by PKI client.
* Added man pages for logging configuration.Endi S. Dewata2016-11-181-2/+0
| | | | | | | New man pages have been added for the common and server logging configurations. https://fedorahosted.org/pki/ticket/1897
* Updated logging.properties.Endi S. Dewata2016-11-181-0/+1
| | | | | | | | | | | | To reduce maintenance the logging.properties is no longer copied into the instance folder during deployment. Instead, a link will be created in /etc/pki/<instance> pointing to the default file in /usr/share/pki/server/conf. The default logging.properties has been updated to only log messages with level WARNING or higher on the console. https://fedorahosted.org/pki/ticket/1897
* Removed hard-coded paths in pki CLI.Endi S. Dewata2016-07-261-0/+3
| | | | | | | | | | The pki CLI has been modified to use java.ext.dirs property to load the dependencies instead of listing them individually. The dependencies are stored as links in /usr/share/pki/lib folder. This allows the RPM spec to customize the links for different platforms. https://fedorahosted.org/pki/ticket/2403
* Fixed Java dependency.Endi S. Dewata2016-06-171-0/+3
| | | | | | | | | | The code has been modified to use the JAVA_HOME path specified in the pki.conf. The spec file has been modified to depend specifically on OpenJDK 1.8.0 and to provide the default JAVA_HOME path for the pki.conf. https://fedorahosted.org/pki/ticket/2363
* Refactored PKCS12Export.Endi S. Dewata2016-02-122-0/+31
| | | | | | | | | | | | | The code to export NSS database into PKCS #12 file in PKCS12Export tool has been refactored into PKCS12Util class to simplify further enhancements. The PKCS12Export tool has also been modified to use Java Logging API. A default logging configuration file has been added. The command-line wrapper has been modified to get the path to the logging configuration file from pki.conf. https://fedorahosted.org/pki/ticket/1742
* Remove legacy multilib JNI_JAR_DIR logicMatthew Harmsen2014-12-041-1/+1
| | | | | | | | | | | | | | | | * Bugzilla Bug #1165351 - Errata TPS test fails due to dependent packages not found (cherry picked from commit d7a0807b7493fc3d86900ee4aaf8199efd824907) Conflicts: base/java-tools/templates/pki_java_command_wrapper.in base/java-tools/templates/pretty_print_cert_command_wrapper.in base/java-tools/templates/pretty_print_crl_command_wrapper.in base/server/python/pki/server/deployment/pkiparser.py base/server/scripts/operations (cherry picked from commit c8d73ade2c651fd5ca01226c89d5d19828bfc9b7)
* Fixed incorrect JNI_JAR_DIR.Endi Sukma Dewata2013-05-071-3/+0
| | | | | | | | | | The JNI_JAR_DIR is supposed to be architecture-specific but the pki-base package is architecture-neutral. So, to ensure it has the correct value, the variable will be set at post installation. Also, to simplify the upgrade process, the variable has been moved from /etc/pki/pki.conf into /usr/share/pki/etc/pki.conf. The build, deployment, startup, and upgrade scripts have been modified accordingly.
* Added upgrade scriptlet to add JNI_JAR_DIR.Endi Sukma Dewata2013-04-291-0/+5
A new upgrade scriptlet has been added to add JNI_JAR_DIR into pki.conf. The code to manipulate property files has been refactored from PKIUpgradeTracker into a separate PropertyFile class to allow reuse. The pki-base package has been modified to deliver a default pki.conf in /usr/share/pki/etc and copy it into /etc/pki if it doesn't exist.
generated by cgit (git 2.34.1) at 2026-01-08 20:20:29 +0000