| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
The code used by pkispawn and pkidestroy has been modified to ignore
certificate validity warnings/errors that happens during installation.
The instanceCreationMode is now redundant and has been removed from
ClientConfig.
|
| |
|
|
|
|
|
|
| |
A new method has been added to the PKIClient to download the CA
certificate chain from an alternative location including the admin
interface.
Ticket #491
|
| |
|
|
|
|
|
|
| |
The default client database location for CLI has been changed to
~/.dogtag/nssdb. The database will always be initialized regardless
whether it is actually used.
Ticket #491
|
| |
|
|
|
|
|
| |
A new CLI module has been added to manage certificates in client
security database.
Ticket #491
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The code to import CA certificate has been moved from PKIConnection
into PKIClient to allow reuse.
The Client classes have been modified such that it uses a shared
PKIClient object instead of PKIConnection.
The return codes in CertFindCLI has been fixed to be more consistent
with other commands.
Ticket #491
|
| |
|
|
|
|
|
|
| |
Output the actual result of a revoke/unrevoke operation in CLI. Since
the actual result of the operation can be different from the cert request
status.
Ticket #217
|
| |
|
|
|
|
|
|
| |
New options have been added to the CLI to reject or ignore certain
cert validity statuses such as UNTRUSTED_ISSUER or BAD_CERT_DOMAIN.
The options can also be defined in pki.conf as a system-wide policy.
Ticket #491
|
| |
|
|
|
|
|
| |
The CLI has been modified such that by default it will use FQDN
instead of localhost to avoid SSL certificate warnings.
Ticket #541
|
| |
|
|
|
|
|
| |
Remove the text [OPTIONS]... in user-show message, which misleads
that there are other optional arguements.
Ticket #543
|
| |
|
|
|
|
|
|
| |
The PKCS10Client and CRMFPopClient use the CMS.BtoA and CMS.Atob
for encoding and decoding purposes which throws an exception.
Instead using the base64decode and the base64encode methods in Utils.
Ticket #549
|
| |
|
|
|
|
|
| |
A new option has been added to the CLI to capture HTTP requests
and responses and store them in the specified folder.
Ticket #523
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
A new cert-request-show command has been added to allow EE users to
check certificate request status.
Ticket #511
|
| |
|
|
|
|
|
|
| |
New CLI's have been added to search, add, and remove user membership.
The group member management code has been refactored into a processor
to allow reuse.
Ticket #190
|
| |
|
|
|
|
|
| |
The cert-find command has been modified to provide an option to
search by certificate status.
Ticket #501
|
| |
|
|
|
|
|
|
| |
The cert-find command has been modified to include some additional
attributes including certificate type and version, key algorithm
name and length, validity dates, creation time and issuer.
Ticket #498
|
| |
|
|
|
|
|
|
|
| |
The cert-find command has been fixed to show better error messages
on missing validity duration options. The validity duration unit
has been changed to take "day", "week", "month", or "year" and
convert it into milliseconds.
Ticket #291, #500
|
| |
|
|
|
|
|
|
| |
All date parameters for cert-find have been modified to use the
YYYY-MM-DD date format. Date parsing code in FilterBuilder has
been modified not to ignore parsing errors.
Ticket #497
|
| |
|
|
|
|
|
| |
The cert-request-approve has been merged into cert-request-review
to ensure that these operations are executed in the same session.
Ticket #474
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The certificate REST service has been modified to validate
nonce when revoking a certificate.
Ticket #213
|
| |
|
|
|
|
|
|
|
|
|
| |
* Added RESTful servlet to add/remove a KRA connector from the CA.
* Modified ACL to allow KRA subsystem user to remove connector.
* Modified connector code to allow the connector to be replaced without a server restart.
* Added functionality to pki CLI to add/remove connector
* Added code to pkidestroy to remove the connector (using both pki CLI and sslget)
When the issues with pki connection are resolved, we will use that method instead.
* Modified sslget to accept HTTP return codes != 200. In this case, we were returning
204 - which is perfectly legitimate.
|
| |
|
|
|
|
|
|
| |
The CertSearchRequest has been modified to fix the infinite loop
in getIssuedOnTo(). The CertFindCLI has been modified to accept
dates with format YYYY-MM-DD instead of epoch time.
Ticket #416
|
| |
|
|
|
|
|
|
| |
The web.xml in KRA has been modified to enable the authentication
for key and key request services. Some tools have been added to
access the services via command-line.
Ticket #376
|
| |
|
|
|
|
|
|
| |
The REST interface for security domain has been updated to provide
a method to get the domain info. A CLI has been provided to access
this method.
Ticket #309
|
| |
|
|
|
|
|
|
|
| |
A REST account service has been added to allow client to login
to establish a session and to logout to destroy the session. This
way multiple operations can be executed using the same session
without having to re-authenticate.
Ticket #357
|
| |
|
|
|
|
|
|
|
| |
The code in PKIClient has been refactored into PKIConnection
such that a single connection object can be used by several
REST clients. The PKIClient will remain the base class for
all REST clients.
Ticket #357
|
| |
|
|
|
|
|
|
| |
The REST interface for security domain has been refactored and
configured such that it requires authentication. A CLI has been
added to get an installation token.
Ticket #309
|
| |
|
|
|
|
|
|
|
|
|
| |
The CMake scripts have been modified to store the version number
in /usr/share/pki/VERSION and in JAR manifest files. These files
can be read by PKI applications to obtain the version number
without having to query the RPM database.
Fixed warnings in Java.cmake file.
Ticket #339
|
| |
|
|
|
|
|
|
|
|
| |
The pki-client.jar has been split and merged into pki-certsrv.jar
and pki-tools.jar. The REST client classes are now packaged in
com.netscape.certsrv.<component> packages. The REST CLI classes
are now packaged in com.netscape.cmstools.<component> packages.
The "pki" script has been moved into pki-tools RPM package.
Ticket #215
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Addressed review coments.
|
| | |
|
| | |
|
| |
|
|
| |
REVERSE_INULL,Wrong_Map_Iterators
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
FB.DM_STRING_CTOR, FB.DM_STRING_VOID_CTOR
|
| |
|
|
|
|
|
| |
Most of unused private fields have been removed because they generate
warnings in Eclipse. Some are kept because it might be useful later.
Ticket #139
|
| |
|
|
|
|
| |
Unnecessary type casts have been removed using Eclipse Quick Fix.
Ticket #134
|
| |
|
|
|
|
|
|
| |
Whitespaces in Java code have been removed with the following command:
find . -not -path .git -name *.java -exec sed -i 's/[[:blank:]]\+$//' {} \;
Ticket #134
|
| |
|
|
|
|
|
| |
The deprecated RevRequest constructor has been replaced with
another constructor with null invalidity date.
Ticket #3
|
