| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
The pki-cert and pki-server-subsystem man pages have been updated
to include recent changes.
https://fedorahosted.org/pki/ticket/456
(cherry picked from commit 3294f5087997427d060bce85d033652f7a8431da)
|
|
|
|
|
|
|
| |
- PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI
subsystems which are not accessible
- PKI TRAC Ticket #1518 - OCSP ee url returned by pkidaemon status tomcat
shows an error page
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When setting up a clone, indexes are added before the
replication agreements are set up and the consumer is initialized.
Thus, as data is replicated and added to the clone db, the
data is indexed.
When cloning is done with the replication agreements already set
up and the data replicated, the existing data is not indexed and
cannot be accessed in searches. The data needs to be reindexed.
Related to ticket 1414
|
|
|
|
|
| |
- PKI TRAC Ticket #1524 - pkispawn: certutil options incorrect for creating
ecc admin certificate
|
|
|
|
|
|
|
| |
The man pages for pkispawn and pki_default.cfg have been updated
to include TPS deployment parameters.
https://fedorahosted.org/pki/ticket/1277
|
|
|
|
|
|
|
|
|
|
|
|
| |
The instruction to setup secure LDAP connection in the pkispawn
man page has been updated. The sample deployment configuration
file has been made more generic. The setup-ds.pl has been removed
from the instruction since generating a self-signed certificate
requires a DS admin server. The URL to download setupssl2.sh has
been changed with a more direct link. The sample LDAP password
has been changed to match the current deployment configuration
examples. Some paragraphs have been line wrapped to simplify man
page development.
|
| |
|
|
|
|
| |
Ticket #1486.
|
|
|
|
|
|
|
|
|
| |
The /root in pkispawn man page has been replaced with a more
generic $HOME.
An incorrect /root in the following example has been removed:
semanage -a -t pki_tomcat_cert_t /root/backup_keys.p12
|
|
|
|
|
|
|
|
|
| |
The pkispawn man page has been updated to clarify the section
headers of various deployment scenarios. Some paragraphs have
been line wrapped to simplify man page development. The existing
sample password has been replaced with another password that does
not match a parameter name to simplify search and replace for
customization.
|
|
|
|
| |
Trac ticket 1356
|
|
|
|
| |
Ticket 1076
|
|
|
|
| |
Trac ticket 852, 853
|
| |
|
|
|
|
| |
- PKI TRAC Ticket #1460 - Add 'pkispawn' man page example for ECC
|
|
|
|
|
| |
Ticket #1358.
Also note that OCSP cloning is unsupported as of now.
|
|
|
|
|
|
| |
- PKI TRAC Ticket #1425 - pkispawn CA with HSM - if the config file has
pki_client related params the dir is not created and the admin cert p12 file
is stored nowhere
|
|
|
|
|
|
|
|
| |
New parameters have been added into the default.cfg to specify the
master hostname and port for pki_clone_uri. By default they point
to the security domain. The man page has been updated as well.
https://fedorahosted.org/pki/ticket/1385
|
|
|
|
|
| |
Ports are already set when deploying into an existing instance.
Having a user re-enter these is repetitious and error prone.
|
|
|
|
| |
- PKI TRAC Ticket #1346 - pkispawn should have an HSM library option
|
|
|
|
|
| |
- PKI TRAC Ticket #1315 - pki-tomcatd fails to start on system boot
- PKI TRAC Ticket #1340 - pkidestroy should not remove /var/lib/pki
|
|
|
|
| |
- PKI TRAC Ticket #1144 - pkispawn needs option to specify ca cert for ldap
|
|
|
|
|
|
|
|
|
| |
Installation code failed to anticipate installation of a subordinate
CA that would host its own security domain. This patch includes changes
to python installation code, java configuration servlet and
changes to man pages.
Ticket 1132
|
|
|
|
|
| |
This patch fixes manpage-has-errors-from-man and hyphen-used-as-minus-sign
found by lintian tool on Debian.
|
|
|
|
| |
- PKI TRAC Ticket #1077 - Consider removing [Apache] section from 'default.cfg'
|
|
|
|
| |
- PKI TRAC Ticket #1120 - Remove Firefox PKI GUI Configuration Panel Interface
|
|
|
|
| |
* TRAC Ticket #762 - Stand-alone DRM (cleanup tasks)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch allows password values in pkispawn deployment files to
contain unescaped '%' characters. Non password settings support
interpolation, so they still require escaping.
This patch has been tested with deployment file based installs as
well as interactive installs. The way it works is that we escape
the password settings internally immediately after reading the
deployment config file. The interactive installation code already
escapes password values as it receives them from the user. This
approach allows the rest of the installation code to remain as-is.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The deployment config files used by pkispawn support interpolation as
supplied by ConfigParser. Interpolation uses the '%' character, which
means values that need to contain a '%' character need to be properly
escaped.
This patch detects errors with unescaped '%' characters and reports
a useful message bac kto the user who is running pkispawn. This
patch also adds notes to the pkispawn and pki_default.cfg man pages
to explain that escaping of '%' characters is required.
|
|
|
|
|
|
|
| |
New man pages have been added for pki-upgrade and pki-server-upgrade.
The spec file and build scripts have been updated accordingly.
Ticket #582
|
|
|
|
|
|
| |
* TRAC Ticket #606 - add restart / start at boot info to pkispawn man page
* TRAC Ticket #610 - Document limitation in using GUI install
* TRAC Ticket #629 - Package ownership of '/usr/share/pki/etc/' directory
|
|
|
|
|
| |
The default folder for to store user files in the home directory
has been changed from .pki to .dogtag.
|
|
|
|
|
|
|
|
| |
Remove all the declarations, definitions and invocations of respawn()
method in the deploment scripts. Remove the -u update option in pkispawn
script.
Ticket #542
|
|
The base/deploy folder has been renamed to base/server to match the
package name. The pki.conf has been moved into pki-base package.
Ticket #553, #564
|