pki.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Avoid XML parse fail with double-hyphen in hostname	Fraser Tweedale	2016-03-03	1	-10/+10
\| \| \| \| \| \| \| \| \| \| \| \|	server.xml contains metadata read by pkidaemon which includes URLs, in XML comments. If the hostname contains `--', the parse fails. Instead of XML comments, put this information in XML Processing instructions[1], which allows double-hyphens to be used. [1] https://www.w3.org/TR/REC-xml/#NT-PI Fixes: https://fedorahosted.org/pki/ticket/1260
*	pki-tomcat8 needs tomcat-api.jar to compile	Christian Heimes	2016-02-26	1	-1/+8
\| \| \| \| \| \| \| \|	Tomcat 8.0.32 has moved org.apache.tomcat.ContextBind into tomcat-api.jar. Add tomcat-api.jar to javac classpath to compile pki with latest Tomcat. https://fedorahosted.org/pki/attachment/ticket/2222
*	Extract common base class for SSLAuthenticatorWithFallback	Fraser Tweedale	2016-01-21	2	-128/+13
\| \| \| \| \| \| \| \| \|	Two Tomcat version-specific implementations of SSLAuthenticatorWithFallback exist, with much duplicate code. Extract an abstract base class 'AbstractPKIAuthenticator' and implement just the unique bits in the concrete classes. Part of: https://fedorahosted.org/pki/ticket/1359
*	Ticket #1556 Weak HTTPS TLS ciphers	Christina Fu	2015-08-17	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \|	This patch fixes the RSA ciphers that were mistakenly turned on under ECC section, and off under RSA section. A few adjustments have also been made based on Bob Relyea's feedback. A new file, <instance>/conf/ciphers.info was also created to 1. provide info on the ciphers 2. provide default rsa and ecc ciphers for admins to incorporate into earlier instances (as migration script might not be ideal due to possible customization) (cherry picked from commit 67c895851781d69343979cbcff138184803880ea)
*	remove more inaccessible URLs from server.xml	Matthew Harmsen	2015-08-07	1	-4/+2
\| \| \| \| \| \| \|	- PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI subsystems which are not accessible - PKI TRAC Ticket #1518 - OCSP ee url returned by pkidaemon status tomcat shows an error page
*	TPS add phone home URLs to pkidaemon status message.	Jack Magne	2015-07-16	1	-0/+2
\| \| \| \| \| \|	Ticket # 1466 . Also remove some needless copies of server.xml from the code.
*	remove inaccessible URLs from server.xml	Matthew Harmsen	2015-07-13	1	-3/+0
\| \| \| \| \|	- PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI subsystems which are not accessible
*	Fixed ProxyRealm for Tomcat 8.	Endi S. Dewata	2015-06-19	1	-0/+5
\| \| \| \| \|	The Realm interface has changed in recent Tomcat 8 version. The ProxyRealm class that implements it has been updated accordingly.
*	Fixed pkidaemon to show TPS status.	Endi S. Dewata	2015-06-18	1	-0/+6
\| \| \| \| \| \| \|	The operations script and the server.xml templates have been modified to display TPS status in pkidaemon. https://fedorahosted.org/pki/ticket/1278
*	Patches to get nuxwdog working with systemd	Ade Lee	2015-05-10	1	-2/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This patch adds some new unit files and targets for starting instances with nuxwdog, as well as logic within the pki-server nuxwdog module to switch to/from the old and new systemd unit files. It also corrects some issues found in additional testing of the nuxwdog change scripts. To use nuxwdog to start the instance, a user needs to do the following: 1. Create an instance normally. 2. Run: pki-server instance-nuxwdog-enable <instance_name> 3. Start the instance using: systemctl start pki-tomcatd-nuxwdog@<instance_name>.service To revert the instance, simply do the following: 1. Run: pki-server instance-nuxwdog-disable <instance_name> 2. Start the instance using: systemctl start pki-tomcatd@<instance_name>.service
*	Added direct deployment for theme.	Endi S. Dewata	2015-04-23	4	-2/+66
\| \| \| \| \| \| \| \|	The deployment tool has been modified to deploy the theme files directly from /usr/share/pki. New deployment descriptors have been added for admin templates and JS library. https://fedorahosted.org/pki/ticket/499
*	Changes to config files to support nuxwdog	Ade Lee	2015-04-22	1	-0/+2
\| \| \| \|	Specifically changes to CS.cfg, server.xml and tomcat.conf
*	Add nuxwdog functionality to Dogtag	Ade Lee	2015-04-22	1	-4/+5
\| \| \| \| \| \| \| \| \| \| \| \|	This is the first of several commits. This adds a LifecycleListener to call init() on the nuxwdog client before any connectors or webapps start up, and call sendEndInit() once initialization completes. Code is also added to prompt for and test required passwords on startup. All that is required to use nuxwdog is to start the server using nuxwdog. An environment variable will be set that will trigger creation of the NuxwdogPasswordStore. We expect tags for the required passwords to be in cms.passwordList
*	Added support for Tomcat 8.	Endi S. Dewata	2015-04-21	8	-0/+843
	The Dogtag code has been modified to support both Tomcat 7 and 8. All files depending on a specific Tomcat version are now stored in separate folders. The build scripts have been modified to use the proper folder for the target platform. The tomcatjss dependency has been updated as well. The upgrade script will be added in a separate patch. https://fedorahosted.org/pki/ticket/1264