From 0c502a387c90d2e2d8ebe9e3edf3dfeaf1d6eba4 Mon Sep 17 00:00:00 2001 From: Jack Magne Date: Wed, 27 Jul 2016 11:43:33 -0700 Subject: Make starting CRL Number configurable. Ticket #2406 Make starting CRL Number configurable This simple patch provides a pkispawn config param that passes some starting crl number value to the config process. Here is a sample: [CA] pki_ca_starting_crl_number=4000 After the CA comes up the value of "crlNumber" in the db will reflect that value of 4000. Currently no other values are changed. We can talk about if we need more values reset in the given case. Also, this creates a setting in the CS.cfg ca.crl.MasterCrl.startingCrlNumber=4000 This setting is only consulted when the crl Issuing Point record is created for the first time. --- base/server/python/pki/server/deployment/pkihelper.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'base/server/python') diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py index 6ac68b111..8a1dbddb5 100644 --- a/base/server/python/pki/server/deployment/pkihelper.py +++ b/base/server/python/pki/server/deployment/pkihelper.py @@ -4113,6 +4113,10 @@ class ConfigClient: if self.subsystem == "TPS": self.set_tps_parameters(data) + # Misc CA parameters + if self.subsystem == "CA": + data.startingCRLNumber = self.mdict['pki_ca_starting_crl_number'] + return data def save_admin_csr(self): -- cgit