From 5b004df074027d1eba33c2f9038030406830cc3c Mon Sep 17 00:00:00 2001 From: Matthew Harmsen Date: Thu, 19 Jul 2012 01:04:54 -0700 Subject: PKI Deployment Scriptlets * In 'catalina.properties', removed commented out jars for each of the subsystems in the 'common.loader' * In 'server.xml', removed the line containing a '1' * Moved all parameters from the [Mandatory] and [Optional] sections of the 'pkideployment.cfg' file to other more appropriate sections (e.g. - [Common], [CA], [KRA], etc.), and removed these sections and all of their associated logic from the 'pki-deploy' package * Resolved Dogtag TRAC Ticket #225 Dogtag 10: Move "pkispawn"/"pkidestroy" logs * Removed all security domain references from external CA logic * Added new 'pki_subsystem_name' parameter to 'pkideployment.cfg' file, and applied logic throughout 'pki-deploy' * Added new error message in the case of an unset DNS domain name, and replaced the log message with a simple print in the case of a 'domainname' exception --- base/deploy/src/scriptlets/pkijython.py | 23 +++++------------------ 1 file changed, 5 insertions(+), 18 deletions(-) (limited to 'base/deploy/src/scriptlets/pkijython.py') diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index 7856ba8c1..b55c9ecec 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -299,65 +299,52 @@ class rest_client: data.setPin(master['pki_one_time_pin']) data.setToken(ConfigurationData.TOKEN_DEFAULT) if master['pki_instance_type'] == "Tomcat": + data.setSubsystemName(master['pki_subsystem_name']) if master['pki_subsystem'] == "CA": if config.str2bool(master['pki_clone']): # Cloned CA data.setHierarchy("root") data.setIsClone("true") - data.setSubsystemName("Cloned CA Subsystem") elif config.str2bool(master['pki_external']): # External CA data.setHierarchy("join") data.setIsClone("false") - data.setSubsystemName("External CA Subsystem") elif config.str2bool(master['pki_subordinate']): # Subordinate CA data.setHierarchy("join") data.setIsClone("false") - data.setSubsystemName("Subordinate CA Subsystem") else: # PKI CA data.setHierarchy("root") data.setIsClone("false") - data.setSubsystemName("PKI CA Subsystem") elif master['pki_subsystem'] == "KRA": if config.str2bool(master['pki_clone']): # Cloned KRA data.setIsClone("true") - data.setSubsystemName("Cloned KRA Subsystem") else: # PKI KRA data.setIsClone("false") - data.setSubsystemName("PKI KRA Subsystem") elif master['pki_subsystem'] == "OCSP": if config.str2bool(master['pki_clone']): # Cloned OCSP data.setIsClone("true") - data.setSubsystemName("Cloned OCSP Subsystem") else: # PKI OCSP data.setIsClone("false") - data.setSubsystemName("PKI OCSP Subsystem") elif master['pki_subsystem'] == "TKS": if config.str2bool(master['pki_clone']): # Cloned TKS data.setIsClone("true") - data.setSubsystemName("Cloned TKS Subsystem") else: # PKI TKS data.setIsClone("false") - data.setSubsystemName("PKI TKS Subsystem") # Security Domain Information + # + # NOTE: External CA's DO NOT require a security domain if master['pki_instance_type'] == "Tomcat": if master['pki_subsystem'] == "CA": - if config.str2bool(master['pki_external']): - # External CA - data.setSecurityDomainType( - ConfigurationData.NEW_DOMAIN) - data.setSecurityDomainName( - master['pki_security_domain_name']) - elif not config.str2bool(master['pki_clone']) and\ - not config.str2bool(master['pki_subordinate']): + if not config.str2bool(master['pki_clone']) and\ + not config.str2bool(master['pki_subordinate']): # PKI CA data.setSecurityDomainType( ConfigurationData.NEW_DOMAIN) -- cgit