| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Selinux policy has been changed to use standard tomcat ports. Corresponding
changes have been made in the pki-deploy scripts.
Minor change in config script for password check.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* TRAC Ticket #263 - Dogtag 10: Fix 'pkidestroy' problem of sporadically "not"
removing "/etc/sysconfig/{pki_instance_id}" . . .
* TRAC Ticket #264 - Dogtag 10: Enable various other subsystems for
configuration . . .
* TRAC Ticket #261 - Dogtag 10: Revisit command-line options of 'pkispawn' and
'pkidestroy' . . .
* TRAC Ticket #268 - Dogtag 10: Create a parameter for optional restart of
configured PKI instance . . .
* TRAC Ticket #270 - Dogtag 10: Add missing parameters to
'pkideployment.cfg' . . .
* TRAC Ticket #265 - Dogtag 10: Provide configurable options for PKI client
information . . .
* TRAC Ticket #275 - Dogtag 10: Add debug information (comments) to Tomcat 7
"logging.properties"
* TRAC Ticket #276 - Dogtag 10: Relocate all 'pin' data to the 'sensitive'
dictionary
* TRAC Ticket #277 - Dogtag 10: Create an 'archive' for 'manifest' and
'pkideployment.cfg' files
* TRAC Ticket #278 - Dogtag 10: Fix Miscellaneous PKI Deployment Scriptlet
Issues . . .
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* PKI TRAC Ticket #244 - Non-user-friendly message when deleting non-existent
subsystem with pkidestroy
* PKI TRAC Ticket #246 - Incorrect parameter names in pkispawn configuration
* PKI TRAC Ticket #248 - pki_ds_database should not be a DN
* PKI TRAC Ticket #249 - pki_ds_base_dn causing pkispawn failure
* PKI TRAC Ticket #250 - Creating/removing custom instances should not require
http/ajp ports
* PKI TRAC Ticket #251 - Instance name may conflict with other files
* PKI TRAC Ticket #253 - Fix pki-destroy removal of
'/var/log/pki/{pki_instance_id}' directory . . .
* PKI TRAC Ticket #254 - Dogtag 10: Fix spec file to build successfully via mock
on Fedora 17 . . .
* PKI TRAC Ticket #255 - Missing resteasy-atom-provider.jar
* PKI TRAC Ticket #260 - Dogtag 10: Change the layout of 'pki_instance_id' . . .
|
|
|
|
|
|
| |
Added tomcat_t for java processes. Added aliases for old types to allow
compatibility of existng subsystems. Added install scripts for pkispawn
and pkidestroy
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* In 'catalina.properties', removed commented out jars
for each of the subsystems in the 'common.loader'
* In 'server.xml', removed the line containing a '1'
* Moved all parameters from the [Mandatory] and [Optional]
sections of the 'pkideployment.cfg' file to other more
appropriate sections (e.g. - [Common], [CA], [KRA], etc.),
and removed these sections and all of their associated
logic from the 'pki-deploy' package
* Resolved Dogtag TRAC Ticket #225
Dogtag 10: Move "pkispawn"/"pkidestroy" logs
* Removed all security domain references from
external CA logic
* Added new 'pki_subsystem_name' parameter to
'pkideployment.cfg' file, and applied logic
throughout 'pki-deploy'
* Added new error message in the case of an
unset DNS domain name, and replaced the
log message with a simple print in the
case of a 'domainname' exception
|
|
|
|
|
|
|
|
|
| |
Saved Admin Certificate, imported it into NSS client security databases, and
exported it to a PKCS #12 file such that it may be imported into a browser.
TRAC Ticket #221
Dogtag 10: Create a PKCS #12 file containing the Admin Certificate
(https://fedorahosted.org/pki/ticket/221)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Integration of Tomcat 7
* Introduction of dependency upon tomcatjss 7.0
* Removal of http filtering configuration mechanisms
* Introduction of additional slot substitution to
support revised filesystem layout
* Addition of 'pkiuser' uid:gid creation methods
* Inclusion of per instance '*.profile' files
* Introduction of configurable 'configurationRoot'
parameter
* Introduction of default configuration of 'log4j'
mechanism (alee)
* Modify web.xml to use new Application classes to
bootstrap servers (alee)
* Introduction of "Wrapper" logic to support
Tomcat 6 --> Tomcat 7 API change (jmagne)
* Added jython helper function to allow attaching
a remote java debugger (e. g. - eclipse)
|
|
|
|
|
|
|
| |
* Integration of Tomcat 7
* Addition of centralized 'pki-tomcatd' systemd functionality to the
PKI Deployment strategy
* Removal of 'pki_flavor' attribute
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Introduced concept of "admin-domain" originally as a
separate folder, and later incorporated this concept
into an optional instance prefix
* Revised definition of <pki_instance_id> to be identified
as "[<pki_admin_domain_name>-]<pki_instance_name>
* Changed NSS security database model from one shared
database by BOTH a single Tomcat AND single Apache instance
into one per Tomcat instance (shared by CA/KRA/OCSP/TKS) and
one per Apache instance (shared by RA/TPS)
* Altered Configuration 'scriptlet' to invoke Jython for
access to new Java configuration servlet
* Renamed various "scriptlets" to comply with this new layout
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
* Massaged logic to comply with PKI subsystem running within
a shared instance
* Developed code to take advantage of a single shared NSS security
database model
* Completed the following two 'scriptlets':
* Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/146)
* Dogtag 10: Python 'security_databases.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/136)
* Created several additional PKI deployment helper utilities.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Completed the following six 'scriptlets':
* Dogtag 10: Python 'initialization.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/147)
* Dogtag 10: Python 'instance_layout.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/75)
* Dogtag 10: Python 'webserver_layout.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/140)
* Dogtag 10: Python 'subsystem_layout.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/141)
* Dogtag 10: Python 'war_explosion.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/76)
* Dogtag 10: Python 'finalization.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/148)
* Created numerous PKI deployment helper utilities.
* Augmented logging to provide indentation.
* Generated logic for installation 'manifest'.
* Tested logic using '--dry_run' option and '-p' prefix options.
* Per initial review, removed numerous "constants" and consolidated
logic into "master" dictionary.
* Corrected the following ticket:
* Dogtag 10: Fix 'build_dogtag_pki' script to account for 'pki-deploy' RPM
(https://fedorahosted.org/pki/ticket/138)
Resolves Bugzilla Bug #810047 - build_dogtag_pki fails with requirements
for pki-deploy
(https://bugzilla.redhat.com/show_bug.cgi?id=810047)
* Created the following three 'scriptlets' as 'NOT YET IMPLEMENTED'
place-holders:
* Dogtag 10: Python 'security_databases.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/136)
* Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet
(https://fedorahosted.org/pki/ticket/146)
* Dogtag 10: Python 'configuration.py' Configuration Scriptlet
(https://fedorahosted.org/pki/ticket/137)
|
|
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
|