summaryrefslogtreecommitdiffstats
path: root/base/server/tomcat8/conf
Commit message (Collapse)AuthorAgeFilesLines
* Fixed SSL connection timeouts.Endi S. Dewata2017-04-201-1/+2
| | | | | | | | | The connectionTimeout parameter has been restored to 80 seconds. The keepAliveTimeout parameter has been set to 5 minutes. https://pagure.io/dogtagpki/issue/2643 Change-Id: I05bca0284ad946d833ed144e2f93a4ef4b9b6f0f
* Updated default SSL connection timeout.Endi S. Dewata2017-04-191-1/+1
| | | | | | | | | The default SSL connection timeout has been changed to 5 minutes to improve PKI console usability. https://pagure.io/dogtagpki/issue/2643 Change-Id: I905ca855285ddd655d965488b175c2d11fe407fd
* Merged /pki webapps.Endi S. Dewata2017-01-303-65/+1
| | | | | | | | | | | | | | | | | | | Previously the /pki webapp was only added if the theme was present during installation, and there were separate webapps for /pki/admin and /pki/js. If the theme was installed later, the /pki webapp had to be configured manually. To simplify the installation and to support other developments (e.g. login banner), the /pki webapp will always be added during installation regardless of theme, and the /pki/admin and /pki/js webapps are merged into /pki webapp. When the theme package is installed, it will create links in /pki webapp so the theme files will become available without additional configuration. An upgrade script has been added to merge the /pki webapp in existing instances. https://fedorahosted.org/pki/ticket/2582
* Fixed default OCSP port in server.xml.Endi S. Dewata2016-11-021-1/+1
| | | | | | | | For consistency the server.xml templates for Tomcat 7 and 8 have been modified to use the same unsecure port used by the instance in the default OCSP responder URL. https://fedorahosted.org/pki/ticket/2476
* Enableocsp checking on KRA with CA's secure port shows self test failure.Jack Magne2016-06-161-0/+3
| | | | | Here we will address this by putting a comment in the server.xml, around the area where the ocsp settings are document.
* Add option to modify ajp_host to pkispawnAde Lee2016-06-031-1/+1
| | | | | | | | This allows IPA to handle the case of a pure ipv6 environment in which the ipv4 loopback interface is not available. Ticket 1717
* Update default values of connectionTimeout to format smart cardsJack Magne2016-05-121-1/+2
| | | | | | | Ticket #1921 Trivial fix to add or up this connectionTimeout value to 80000 or 80 secs. Fix already tested informally in the field by QE.
* Avoid XML parse fail with double-hyphen in hostnameFraser Tweedale2016-03-031-10/+10
| | | | | | | | | | | | server.xml contains metadata read by pkidaemon which includes URLs, in XML comments. If the hostname contains `--', the parse fails. Instead of XML comments, put this information in XML Processing instructions[1], which allows double-hyphens to be used. [1] https://www.w3.org/TR/REC-xml/#NT-PI Fixes: https://fedorahosted.org/pki/ticket/1260
* Ticket #1556 Weak HTTPS TLS ciphersChristina Fu2015-08-171-0/+3
| | | | | | | | | | | | This patch fixes the RSA ciphers that were mistakenly turned on under ECC section, and off under RSA section. A few adjustments have also been made based on Bob Relyea's feedback. A new file, <instance>/conf/ciphers.info was also created to 1. provide info on the ciphers 2. provide default rsa and ecc ciphers for admins to incorporate into earlier instances (as migration script might not be ideal due to possible customization) (cherry picked from commit 67c895851781d69343979cbcff138184803880ea)
* remove more inaccessible URLs from server.xmlMatthew Harmsen2015-08-071-4/+2
| | | | | | | - PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI subsystems which are not accessible - PKI TRAC Ticket #1518 - OCSP ee url returned by pkidaemon status tomcat shows an error page
* TPS add phone home URLs to pkidaemon status message.Jack Magne2015-07-161-0/+2
| | | | | | Ticket # 1466 . Also remove some needless copies of server.xml from the code.
* remove inaccessible URLs from server.xmlMatthew Harmsen2015-07-131-3/+0
| | | | | - PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI subsystems which are not accessible
* Fixed pkidaemon to show TPS status.Endi S. Dewata2015-06-181-0/+6
| | | | | | | The operations script and the server.xml templates have been modified to display TPS status in pkidaemon. https://fedorahosted.org/pki/ticket/1278
* Patches to get nuxwdog working with systemdAde Lee2015-05-101-2/+1
| | | | | | | | | | | | | | | | | | | | | | This patch adds some new unit files and targets for starting instances with nuxwdog, as well as logic within the pki-server nuxwdog module to switch to/from the old and new systemd unit files. It also corrects some issues found in additional testing of the nuxwdog change scripts. To use nuxwdog to start the instance, a user needs to do the following: 1. Create an instance normally. 2. Run: pki-server instance-nuxwdog-enable <instance_name> 3. Start the instance using: systemctl start pki-tomcatd-nuxwdog@<instance_name>.service To revert the instance, simply do the following: 1. Run: pki-server instance-nuxwdog-disable <instance_name> 2. Start the instance using: systemctl start pki-tomcatd@<instance_name>.service
* Added direct deployment for theme.Endi S. Dewata2015-04-234-2/+66
| | | | | | | | The deployment tool has been modified to deploy the theme files directly from /usr/share/pki. New deployment descriptors have been added for admin templates and JS library. https://fedorahosted.org/pki/ticket/499
* Changes to config files to support nuxwdogAde Lee2015-04-221-0/+2
| | | | Specifically changes to CS.cfg, server.xml and tomcat.conf
* Added support for Tomcat 8.Endi S. Dewata2015-04-213-0/+359
The Dogtag code has been modified to support both Tomcat 7 and 8. All files depending on a specific Tomcat version are now stored in separate folders. The build scripts have been modified to use the proper folder for the target platform. The tomcatjss dependency has been updated as well. The upgrade script will be added in a separate patch. https://fedorahosted.org/pki/ticket/1264
generated by cgit (git 2.34.1) at 2024-09-23 17:23:14 +0000