summaryrefslogtreecommitdiffstats
path: root/base/server/python/pki/server/deployment/pkimessages.py
Commit message (Collapse)AuthorAgeFilesLines
* Modify dnsdomainname test in pkispawnAde Lee2016-03-291-1/+1
| | | | | | | | We do a check for the dnsdomainname, which fails in Openstack CI because this is not set. Instead of exiting, default to the hostname. (cherry picked from commit 795465f8620a0a10092435dce46e4cff93dbc20a)
* Add certutil options for ECCMatthew Harmsen2015-07-281-1/+5
| | | | | - PKI TRAC Ticket #1524 - pkispawn: certutil options incorrect for creating ecc admin certificate
* Limited Interactive Installation SupportMatthew Harmsen2015-07-021-0/+19
| | | | | - PKI TRAC Ticket #1441 - Lack of Interactive Installation Support (Cloning, Subordinates, Externals, HSMs, ECC)
* Check security module registrationMatthew Harmsen2015-06-181-0/+5
| | | | | | - PKI TRAC Ticket #1426 - pkispawn of KRA on HSM fails (shared instances) - PKI TRAC Ticket #1427 - pkispawn of OCSP on HSM fails (shared instances) - PKI TRAC Ticket #1429 - pkispawn of TKS on HSM fails (shared instances)
* add pkiuser to nfast groupMatthew Harmsen2015-06-161-0/+1
| | | | - PKI TRAC Ticket #1415 - nCipher HSM: Add 'pkiuser' to 'nfast' group
* Cleaned up links in main page.Endi S. Dewata2015-06-111-3/+0
| | | | | | | | | | | | | The ROOT's index.jsp has been modified to show the links to all subsystems installed on the instance. When opened, it will show the services provided by the subsystem. The pkispawn output has been modified to show the subsystem URL more consistently: https://<hostname>:<port>/<subsystem> In all subsystems except TPS the page will redirect to: https://<hostname>:<port>/<subsystem>/services
* disable backup keys and share master keys when using an HSMMatthew Harmsen2015-05-221-0/+9
| | | | | - PKI TRAC Ticket #1371 - pkispawn: need to disable backup_keys when using an HSM (and provide recommendation); allow clones to share keys
* modify contents of serverCertNick.confMatthew Harmsen2015-05-131-0/+1
| | | | | - PKI TRAC Ticket #1370 - pkispawn: installation with HSM from external CA should hold off prepending token name in serverCertNick.conf till phase 2
* Add HSM passwords to pkispawnMatthew Harmsen2015-04-211-0/+2
| | | | - PKI TRAC Ticket #1200 - make sure pkispawn works with hsm (passwords)
* Add HSM options to pkispawnMatthew Harmsen2015-04-141-0/+6
| | | | - PKI TRAC Ticket #1346 - pkispawn should have an HSM library option
* pki-tomcatd fails to start on system bootMatthew Harmsen2015-04-131-11/+13
| | | | | - PKI TRAC Ticket #1315 - pki-tomcatd fails to start on system boot - PKI TRAC Ticket #1340 - pkidestroy should not remove /var/lib/pki
* PKI TRAC Ticket #1284 - pkispawn URL redirect issue (simple fix)Matthew Harmsen2015-03-061-1/+3
|
* Fix-for-Bug-1170867-TPS-Installation-FailedJack Magne2014-12-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix now includes last review comments where we decided to consolidate 3 of the ldif files: schema.ldif,database.ldif, and manager.ldif. Each one of these 3 files contains the data needed for any subsystem for that file. The subsystem specific files for these 3 go away in the source tree. The first iteration of this fix was copying these 3 files into an undesirable directory. This is no longer the case. Extra code in the python installer allows one to establish a "file exclusion" callback to keep a set of desired files from being copied when the installer does a directory copy. All subsystems have been tested, including TPS with a brand new DS (which was the original reason for this fix), and they appear to work fine. Addressed further review comments: 1. Removed trailing whitespace instances from schema.ldif which had some. 2. Used pycharm to remove the few PEP violations I had previously added to the Python code. 3. Changed the format of the schema.ldif file to make all the entries use the same style. Previously the TPS entries was using an all in one syntax. No more since now each entry is separate. 4. Changed the name of an argument in one of the new Python methods to get rid of a camelCase instance. 5. Tested everything to work as before, including basic TPS operations such as Format. Fixed a method comment string and fixed some typos.
* Remove Apache info from pkispawn and pkidestroyMatthew Harmsen2014-09-021-6/+1
| | | | - PKI TRAC Ticket #1077 - Consider removing [Apache] section from 'default.cfg'
* Fix kra-connector-removeAde Lee2014-09-021-0/+2
| | | | | | | | | | | | | | | | | | | | The code to remove the connector from the pki CLI was found to be broken because of invalid message type (partly due to void returns). On uninstall, we need to remove the kra-connector from all relevant CA's in the security domain. The best way to do this is to keep kra-connector info in LDAP, so that only one call is needed. Until that change has been made, we are adding a hack to remove the connector from all CA's in the secutrity domain (if it exists). Due to issues with proxy configurations, we will continue to use sslget and a url-encoded-form version of the servlet. In addition, it was found that when removing a KRA from a shared subsystem, the updateDomainXML servlet was erroneously returning failure when it was unsuccessful in removing a non-existent user from a group. Ticket 1113
* Disable PKI GUI ConfigurationMatthew Harmsen2014-08-281-9/+0
| | | | - PKI TRAC Ticket #1120 - Remove Firefox PKI GUI Configuration Panel Interface
* Remove legacy 'systemctl' filesMatthew Harmsen2014-07-031-1/+1
| | | | - PKI TRAC Ticket #832 - Remove legacy 'systemctl' files . . .
* More formatting changesAde Lee2014-06-101-173/+185
| | | | | Improve the layout of strings in pkimessages and fix a couple more PEP 8 issues.
* Fix pycharm warnings for server python classesAde Lee2014-06-101-40/+39
| | | | | Mostly reformatting due to PEP8. Not all pycharm warnings are addressed, but the vast majority are.
* Stand-alone DRMMatthew Harmsen2013-10-151-2/+42
| | | | * TRAC Ticket #667 - provide option for ca-less drm install
* Ticket 755 - Detect unescaped percent characters in deployment filesNathan Kinder2013-10-071-0/+6
| | | | | | | | | | | | The deployment config files used by pkispawn support interpolation as supplied by ConfigParser. Interpolation uses the '%' character, which means values that need to contain a '%' character need to be properly escaped. This patch detects errors with unescaped '%' characters and reports a useful message bac kto the user who is running pkispawn. This patch also adds notes to the pkispawn and pki_default.cfg man pages to explain that escaping of '%' characters is required.
* Add service to generate and retrieve a shared secretAde Lee2013-09-301-0/+5
| | | | | | | | | | | | | | | | A new REST service has been added to the TKS to manage shared secrets. The shared secret is tied to the TKS-TPS connector, and is created at the end of the TPS configuration. At this point, the TPS contacts the TKS and requests that the shared secret be generated. The secret is returned to the TPS, wrapped using the subsystem certificate of the TPS. The TPS should then decrypt the shared secret and store it in its certificate database. This operations requires JSS changes, though, and so will be deferred to a later patch. For now, though, if the TPS and TKS share the same certdb, then it is sufficient to generate the shared secret. Clients and CLI are also provided. The CLI in particular is used to remove the TPSConnector entries and the shared secret when the TPS is pkidestroyed.
* Minor issue - redundant import in pkispawnAbhishek Koneru2013-07-221-2/+2
| | | | | | | A redundant import has been added in one ofthe previous patches. Fixed another small issue while using the escape character. Pylint fixes.
* Reorganized deployment tools.Endi S. Dewata2013-07-221-0/+359
The pkispawn and pkidestroy scripts have been moved into sbin folder. The Python deployment library and the scriptlets were moved into pki.server.deployment and pki.server.deployment.scriptlets packages, respectively.
generated by cgit (git 2.34.1) at 2024-06-09 15:50:21 +0000