| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
This is the first of several commits. This adds a LifecycleListener
to call init() on the nuxwdog client before any connectors or webapps
start up, and call sendEndInit() once initialization completes.
Code is also added to prompt for and test required passwords on startup.
All that is required to use nuxwdog is to start the server using nuxwdog.
An environment variable will be set that will trigger creation of the
NuxwdogPasswordStore. We expect tags for the required passwords to be in
cms.passwordList
|
| |
|
|
|
|
|
|
| |
Some CMake scripts have been updated to work on both F21 and F22.
https://fedorahosted.org/pki/ticket/1281
|
|
|
|
|
|
|
| |
The OCSPClient CLI has been refactored into an OCSPProcessor
utility class such that the functionality can be reused.
https://fedorahosted.org/pki/ticket/1202
|
|
|
|
|
|
|
|
|
|
|
| |
The PKCS #9 challengePassword attribute has DirectoryString syntax.
Dogtag currently attempts only to decode it as a PrintableString,
causing failures when the attribute is encoded as a UTF8String.
Add method DerValue.getDirectoryString() to decode any of the valid
DirectoryString encodings and update ChallengePassword to use it.
https://fedorahosted.org/pki/ticket/1221
|
|
|
|
| |
TLS v1.2
|
| |
|
|
|
|
| |
subordinate certificate signing requests (CSR)
|
|
|
|
|
|
| |
- Removed dependency on removed internal junit class
- moved cmake reference to junit4.jar to junit.jar
- Disambiguate a couple of references
|
| |
|
|
|
|
|
| |
The KeyClient class on the java side is modified to
have a similar design as the KeyClient class on the python side.
|
| |
|
|
|
|
| |
* TRAC Ticket #667 - provide option for ca-less drm install
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new REST service has been added to the TKS to manage shared secrets.
The shared secret is tied to the TKS-TPS connector, and is created at the
end of the TPS configuration. At this point, the TPS contacts the TKS and
requests that the shared secret be generated. The secret is returned to the
TPS, wrapped using the subsystem certificate of the TPS.
The TPS should then decrypt the shared secret and store it in its certificate
database. This operations requires JSS changes, though, and so will be deferred
to a later patch. For now, though, if the TPS and TKS share the same certdb, then
it is sufficient to generate the shared secret.
Clients and CLI are also provided. The CLI in particular is used to remove the
TPSConnector entries and the shared secret when the TPS is pkidestroyed.
|
| |
|
|
|
|
| |
interface
|
|
|
|
| |
Ticket 448.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
The CertPrettyPrint has been modified to use the standard names
for message digests so that it will work with standard security
provider.
Ticket #392
|
|
|
|
| |
* TRAC Ticket #350 - Dogtag 10: Remove version numbers from PKI jar files . . .
|
|
|
|
|
| |
This is a workaround until we can get the new interface working on IPA
clones.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The RPM spec files have been modified to pass the full RPM version
number to CMake. The version number contains the product version
number, release number, milestone, and platform. The CMake scritps
will parse and use this version number to generate Java manifest
files. The product version number will be used as the specification
version and full version number will be used as the implementation
version.
Ticket #339
|
|
|
|
|
|
|
|
|
|
|
| |
The CMake scripts have been modified to store the version number
in /usr/share/pki/VERSION and in JAR manifest files. These files
can be read by PKI applications to obtain the version number
without having to query the RPM database.
Fixed warnings in Java.cmake file.
Ticket #339
|
|
|
|
|
|
|
| |
The escapeDN() has been renamed into escapeRDNValue() for better
clarity.
Ticket #193
|
|
|
|
|
|
|
| |
The UGSubsystem has been modified to escape values used in DN or
filter according to LDAP standard.
Ticket #193
|
|
|
|
|
|
|
| |
The Javadocs for pki-util, pki-java-tools and pki-common have been
merged and packaged into pki-javadoc RPM.
Ticket #295
|
| |
|
|
|
|
|
|
|
|
| |
The build scripts for test, util test, and common test
components have been updated to automatically find the
source codes and not create unnecessary test jar files.
Ticket #62
|
| |
|
|
|
|
|
|
|
|
| |
The build scripts for util and common packages have been modified
to use the new Java CMake library to automatically find the source
codes and build the binaries.
Ticket #62
|
| |
|
| |
|
|
|
|
|
|
|
| |
The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets.
It provides an interface to manage certificate revocation.
Ticket #161
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Coverity fix for Forward NULL cases in DogTag 10.
|
|
|
|
| |
Addressed review coments.
|
| |
|
|
|
|
|
|
|
| |
The X500Name and RDN have been modified to fix the incorrect method
signature for equals() and the missing hashCode().
Ticket #206
|
|
|
|
| |
REVERSE_INULL,Wrong_Map_Iterators
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
FB.SBSC_USE_STRINGBUFFER_CONCATENATION --Remaining
|