summaryrefslogtreecommitdiffstats
path: root/base/server/etc/default.cfg
Commit message (Collapse)AuthorAgeFilesLines
* ticket #1110 pkispawn (configuration) does not provide CA extensions in ↵Christina Fu2014-09-251-0/+5
| | | | subordinate certificate signing requests (CSR)
* Remove Apache info from pkispawn and pkidestroyMatthew Harmsen2014-09-021-32/+1
| | | | - PKI TRAC Ticket #1077 - Consider removing [Apache] section from 'default.cfg'
* Add ability to create database as subtree of existing treeAde Lee2014-07-171-0/+2
| | | | | | | | | | | | | | | | This patch adds the ability to create a subsystem that uses an existing subtree to create the internal basedn. This is useful for instance, for IPA which will use the original o=ipaca as the top level DN for a KRA, which will be situated at o=ipadrm, o=ipaca. The patch also allows such a system to be cloned, but not to setup the replication agreements, on the assumption that the data is already being replicated at the top-level DN or some higher level. The patch also contains some minor cleanups - removing unused imports and removal of an invalid reference in the python code. Ticket 1051
* TPS Token Profile Resolver Framework - part2Christina Fu2014-06-041-0/+1
|
* PhoneHome feature:Jack Magne2014-04-151-0/+1
| | | | | | 1. Provides an xml file served by TPS to allow the client(esc) to configure itself to contact TPS. 2. Edewata review fixes. Return application/xml instead of text/xml, and fix how the phone home file path is calculated.
* Share subsystem cert in shared tomcat instancesAde Lee2014-03-311-10/+13
| | | | | | | | | | In shared tomcat instances, we need to share the subsystem cert and not create a new one for each additional subsystem added to the instance. In addition, if the instances share the same database, then only one pkidbuser should be created with the relevant subsystem cert and seeAlso attribute. Ticket 893
* Upgraded RESTEasy client library.Endi S. Dewata2014-02-271-0/+1
| | | | | | | | | | The Dogtag client library has been modified to use RESTEasy 3.0 client library. A new upgrade script has been added to update existing servers. The JAXB annotation in ResourceMessage has been modified to require explicit property mapping. Ticket #554
* Replaced Jettison with Jackson.Endi S. Dewata2014-02-061-12/+20
| | | | | | | | | The Jettison library has been replaced with Jackson library as JSON provider for RESTEasy. All class paths and the deployment tools have been updated accordingly. The Python library and the TPS UI have been updated as well to use the new JSON format. Ticket #817
* Moved web application context file.Endi S. Dewata2013-12-161-3/+0
| | | | | | | | | | | | | | The location of web application context file has been changed from <instance>/webapps/<name>/META-INF/context.xml into <instance>/conf/Catalina/localhost/<name>.xml. This will eventually allow deploying the web application directly from the shared folder. A new upgrade script has been added to move the context files in the existing instances. Ticket #499
* Revert to allowing security managerAde Lee2013-11-071-1/+1
| | | | | | | Bug in tomcat for security manager has been resolved. Updated tomcat requirement accordingly. Ticket 774
* Stand-alone DRMMatthew Harmsen2013-10-251-0/+1
| | | | * TRAC Ticket #762 - Stand-alone DRM (cleanup tasks)
* Stand-alone DRMMatthew Harmsen2013-10-151-6/+50
| | | | * TRAC Ticket #667 - provide option for ca-less drm install
* Add service to generate and retrieve a shared secretAde Lee2013-09-301-0/+1
| | | | | | | | | | | | | | | | A new REST service has been added to the TKS to manage shared secrets. The shared secret is tied to the TKS-TPS connector, and is created at the end of the TPS configuration. At this point, the TPS contacts the TKS and requests that the shared secret be generated. The secret is returned to the TPS, wrapped using the subsystem certificate of the TPS. The TPS should then decrypt the shared secret and store it in its certificate database. This operations requires JSS changes, though, and so will be deferred to a later patch. For now, though, if the TPS and TKS share the same certdb, then it is sufficient to generate the shared secret. Clients and CLI are also provided. The CLI in particular is used to remove the TPSConnector entries and the shared secret when the TPS is pkidestroyed.
* Added new link for resteasy dependencyAde Lee2013-09-171-0/+2
| | | | | Resteasy 3.0.1 uses apache-commons-io. Also fixed PKIErrorInterceptor with correct method call and reformatted the interceptors.
* fixing for new tomcat systemd filesAde Lee2013-09-171-2/+2
| | | | | | | | tomcat now uses systemd unit files. We will reuse and customize those files accordingly. As a result, startup is simplified considerably - and pkidaemon has been gutted accordingly. We'll need to add migration scripts for older instances in a subsequent patch.
* Initial code to configure a TPS in tomcatAde Lee2013-08-131-0/+8
| | | | | This code allows pkispawn to configure a tps in tomcat. It does not include any config using the web UI panels.
* Added Tomcat-based TPS instance.Endi S. Dewata2013-06-101-3/+19
| | | | | | | | | The build and deployment tools have been modified to support creating a basic Tomcat instance to run TPS. New configuration and template files for TPS have been copied from another Tomcat subsystem. The TPS functionality itself will be added in future patches. Ticket #526
* Renamed CA_PORT into PKI_CA_PORT.Endi Sukma Dewata2013-06-031-0/+1
| | | | | The CA_PORT variable has been renamed into PKI_CA_PORT for consistency.
* Renamed CA_HOST into PKI_CA_HOSTNAME.Endi Sukma Dewata2013-06-031-0/+1
| | | | | The CA_HOST variable has been renamed into PKI_CA_HOSTNAME for consistency.
* Replaced ~/.pki with ~/.dogtag.Endi Sukma Dewata2013-04-271-1/+1
| | | | | The default folder for to store user files in the home directory has been changed from .pki to .dogtag.
* random certificate serial numbersAndrew Wnuk2013-04-191-0/+1
| | | | | | This patch adds support for random certificate serial numbers. Bug 912554.
* Renamed base/deploy to base/server.Endi Sukma Dewata2013-04-091-0/+531
The base/deploy folder has been renamed to base/server to match the package name. The pki.conf has been moved into pki-base package. Ticket #553, #564
generated by cgit (git 2.34.1) at 2024-07-02 06:03:11 +0000