August 2016 - Pki-devel - Dogtag Pki List Archives

[PATCH] 0130 Prevent deletion of host CA cert and key from NSSDB

by Fraser Tweedale

Hi, Attached patch fixes https://fedorahosted.org/pki/ticket/2443. Thanks, Fraser

8 years, 3 months

2
2
0 / 0

[PATCH] 0131..0132 Fix LWCA entryUSN handling

by Fraser Tweedale

The attached patches address a couple of issues related to handling entryUSN attribute when reading lightweight CA entries. https://fedorahosted.org/pki/ticket/2444 Thanks, Fraser

8 years, 3 months

2
2
0 / 0

[PATCH] 827 Added support to create system certificates in different tokens.

by Endi Sukma Dewata

Previously all system certificates were always created in the same token specified in the pki_token_name parameter. To allow creating system certificates in different tokens, the configuration.py has been modified to store the system certificate token names specified in pki_<cert>_token parameters into the CS.cfg before the server is started. After the server is started, the configuration servlet will read the token names from the CS.cfg and create the certificates in the appropriate token. https://fedorahosted.org/pki/ticket/2449 -- Endi S. Dewata

8 years, 3 months

3
4
0 / 0

[PATCH] 0133 Revoke lightweight CA certificate on deletion

by Fraser Tweedale

Hi team, The attached patch implements cert revocation on LWCA deletion. The TODO for parametrising over revocation reason and invalid date is intentional - I just want to get the minimal viable solution into 10.3.x ASAP and we can look at what more is wanted/needed later. Thanks, Fraser

8 years, 3 months

2
1
0 / 0

Karma Requests for pki-core-10.3.5-4

by Matthew Harmsen

*The following updated candidate builds of pki-core 10.3.5 on Fedora 24, 25, and 26 (rawhide) consist of the following: * * *Fedora 24* o *pki-core-10.3.5-4.fc24 <http://koji.fedoraproject.org/koji/buildinfo?buildID=795475> * * *Fedora 25* o *pki-core-10.3.5-4.fc25 <http://koji.fedoraproject.org/koji/buildinfo?buildID=795726> * * *Fedora 26* o *pki-core-10.3.5-4.fc26 <http://koji.fedoraproject.org/koji/buildinfo?buildID=795727> * *Additionally, the CentOS 7 COPR EPEL Builds of Dogtag 10.3.3 were also updated: * * *https://copr.fedorainfracloud.org/coprs/g/pki/10.3.3/repo/epel-7/group_pki-10.3.3-epel-7.repo * [group_pki-10.3.3] name=Copr repo for 10.3.3 owned by @pki baseurl=https://copr-be.cloud.fedoraproject.org/results/@pki/10.3.3/epel-... skip_if_unavailable=True gpgcheck=1 gpgkey=https://copr-be.cloud.fedoraproject.org/results/@pki/10.3.3/pubkey... enabled=1 enabled_metadata=1 *These builds address the following PKI tickets: * * PKI TRAC Ticket #1578 - Authentication Instance Id PinDirEnrollment with authType value as SslclientAuth is not working <https://fedorahosted.org/pki/ticket/1578> * PKI TRAC Ticket #2414 - pki pkcs12-cert-del shows a successfully deleted message when a wrong nickname is provided <https://fedorahosted.org/pki/ticket/2414> * PKI TRAC Ticket #2423 - pki_ca_signing_token when not specified does not fallback to pki_token_name value <https://fedorahosted.org/pki/ticket/2423> * PKI TRAC Ticket #2436 - Dogtag 10.3.6: Miscellaneous Enhancements <https://fedorahosted.org/pki/ticket/2436> o added check for pki-server-nuxwdog parameter * PKI TRAC Ticket #2439 - Outdated deployment descriptors in upgraded server <https://fedorahosted.org/pki/ticket/2439> *Please provide Karma for the following builds: * * *Fedora 24* o *https://bodhi.fedoraproject.org/updates/FEDORA-2016-36fa3fd8c3 pki-core-10.3.5-4.fc24 * * *Fedora 25* o *https://bodhi.fedoraproject.org/updates/FEDORA-2016-abb1e5d2a6 pki-core-10.3.5-4.fc25 *

8 years, 3 months

2
1
0 / 0

[PATCH] pki-cfu-0151-Ticket-2446-pkispawn-make-subject_dn-defaults-unique.patch

by Christina Fu

Patch for https://fedorahosted.org/pki/ticket/2446 pkispawn: make subject_dn defaults unique per instance name (for shared HSM) Please review. thanks, Christina

8 years, 3 months

2
2
0 / 0

[PATCH] 826 Fixed debug log in UpdateNumberRange servlet.

by Endi Sukma Dewata

To help troubleshooting the debug log in UpdateNumberRange servlet has been modified to show the exception stack trace. https://fedorahosted.org/pki/ticket/2436 Pushed to master (10.4) under one-liner/trivial rule. -- Endi S. Dewata

8 years, 3 months

1
0
0 / 0

[PATCH] 824-825 Fixed default token name for system certificates.

by Endi Sukma Dewata

Previously when installing with HSM the token name has to be specified for each system certificate in the pki_<cert>_token parameters. The deployment tool has been modified such that by default it will use the token name specified in pki_token_name. Previously issues with system certificates that happen during subsystem initialization were reported as database initialization error. Database initialization actually does not depend on subsystem initialization, so to avoid confusion and to simplify the code the reInitSubsystem() in SystemConfigService is now invoked after the initializeDatabase() is complete. https://fedorahosted.org/pki/ticket/2423 -- Endi S. Dewata

8 years, 3 months

1
1
0 / 0

[PATCH] To fix 1358462 - pki pkcs12-cert-del shows a successfully deleted message when a wrong nickname is provided

by Geetika Kapoor

Hi, This patch fix BZ 1358462 - pki pkcs12-cert-del shows a successfully deleted message when a wrong nickname is provided. If we provide wrong cert nickname it gives "Certificate Nickname subsystemCert cert-topology-02-CA doesn't exist" and also if cert nickname doesn't exist it won't share the number of entries present. If cert nickname match then only it shows how many entries exist. Thanks Geetika

8 years, 3 months

2
5
0 / 0

[PATCH 0012] Added check for pki-server-nuxwdog parameter

by Abhijeet Kasurde

Hi All, Please review this patch. Partially fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1353245 -- Thanks, Abhijeet Kasurde IRC: akasurde http://akasurde.github.io

8 years, 3 months

2
3
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Pki-devel August 2016