| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
| |
The code used by pkispawn and pkidestroy has been modified to ignore
certificate validity warnings/errors that happens during installation.
The instanceCreationMode is now redundant and has been removed from
ClientConfig.
|
|
|
|
|
|
|
|
| |
The default client database location for CLI has been changed to
~/.dogtag/nssdb. The database will always be initialized regardless
whether it is actually used.
Ticket #491
|
|
|
|
|
|
|
| |
A new CLI module has been added to manage certificates in client
security database.
Ticket #491
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code to import CA certificate has been moved from PKIConnection
into PKIClient to allow reuse.
The Client classes have been modified such that it uses a shared
PKIClient object instead of PKIConnection.
The return codes in CertFindCLI has been fixed to be more consistent
with other commands.
Ticket #491
|
|
|
|
|
|
|
|
| |
New options have been added to the CLI to reject or ignore certain
cert validity statuses such as UNTRUSTED_ISSUER or BAD_CERT_DOMAIN.
The options can also be defined in pki.conf as a system-wide policy.
Ticket #491
|
|
|
|
|
|
|
| |
The CLI has been modified such that by default it will use FQDN
instead of localhost to avoid SSL certificate warnings.
Ticket #541
|
|
|
|
|
|
|
| |
A new option has been added to the CLI to capture HTTP requests
and responses and store them in the specified folder.
Ticket #523
|
|
|
|
|
|
|
|
|
|
|
| |
* Added RESTful servlet to add/remove a KRA connector from the CA.
* Modified ACL to allow KRA subsystem user to remove connector.
* Modified connector code to allow the connector to be replaced without a server restart.
* Added functionality to pki CLI to add/remove connector
* Added code to pkidestroy to remove the connector (using both pki CLI and sslget)
When the issues with pki connection are resolved, we will use that method instead.
* Modified sslget to accept HTTP return codes != 200. In this case, we were returning
204 - which is perfectly legitimate.
|
|
|
|
|
|
|
|
| |
The web.xml in KRA has been modified to enable the authentication
for key and key request services. Some tools have been added to
access the services via command-line.
Ticket #376
|
|
|
|
|
|
|
|
|
| |
A REST account service has been added to allow client to login
to establish a session and to logout to destroy the session. This
way multiple operations can be executed using the same session
without having to re-authenticate.
Ticket #357
|
|
|
|
|
|
|
|
|
| |
The code in PKIClient has been refactored into PKIConnection
such that a single connection object can be used by several
REST clients. The PKIClient will remain the base class for
all REST clients.
Ticket #357
|
|
|
|
|
|
|
|
| |
The REST interface for security domain has been refactored and
configured such that it requires authentication. A CLI has been
added to get an installation token.
Ticket #309
|
|
|
|
|
|
|
|
|
|
|
| |
The CMake scripts have been modified to store the version number
in /usr/share/pki/VERSION and in JAR manifest files. These files
can be read by PKI applications to obtain the version number
without having to query the RPM database.
Fixed warnings in Java.cmake file.
Ticket #339
|
|
The pki-client.jar has been split and merged into pki-certsrv.jar
and pki-tools.jar. The REST client classes are now packaged in
com.netscape.certsrv.<component> packages. The REST CLI classes
are now packaged in com.netscape.cmstools.<component> packages.
The "pki" script has been moved into pki-tools RPM package.
Ticket #215
|