Re: [Pki-devel] [PATCH] 827 Added support to create system certificates in different tokens.
I think if you search for the usage of CryptoToken.login(), it's done at the beginning
of configuration servlet (SystemConfigService) and in the beginning of server startup
(JssSubsystem). TomcatJSS might also do the same thing (I haven't checked the code).
This patch doesn't change the order of token login and the certificate creations. It
mainly changes how the tokenname parameters are initialized. Previously it's done by
the configuration servlet but with the wrong value. Now it's done in pkispawn with the
correct value.
--
Endi S. Dewata
----- Original Message -----
I'm less familiar with the area, so I'm just going to ask a question. Where
in the new code does it handle taking in passwords and logging into the
extra token(s)?
thanks,
Christina
On 08/31/2016 12:35 PM, Endi Sukma Dewata wrote:
Previously all system certificates were always created in the same
token specified in the pki_token_name parameter.
To allow creating system certificates in different tokens, the
configuration.py has been modified to store the system certificate
token names specified in pki_<cert>_token parameters into the
CS.cfg before the server is started.
After the server is started, the configuration servlet will read
the token names from the CS.cfg and create the certificates in the
appropriate token.
https://fedorahosted.org/pki/ticket/2449
_______________________________________________
Pki-devel mailing list Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
_______________________________________________
Pki-devel mailing list
Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel