Comments:
1. In pkispawn, in the section "KRA, OCSP, or TKS using default
configuration": rather than explaining that myconfig.txt is the same as
the above section with an additional parameter, its clearer just to
print out a new myconfig.txt as in the previous section. You still want
to mention though that the security domain password is the same as the
admin password for the CA. Note the typo "whick".
2. The line adding the signing subordinate DN is too long, partly
because it repeats itself. Shorten to fit on line if possible.
3. Also in that section, there should be a note about the subordinate
CA subject DN having to be different from the root CA signing subject
DN. See a corresponding note in the "externally signed CA section"
4. In sample.cfg, change the comment to:
+##Required for all subsystems that are not root CAs
5. The sample files for KRA, TKS etc. like sampleKRA-OCSP-TKSclone.cfg
are a little confusing. Rather pick one of these -- a KRA for
instances and provide a sample instead. So in this case,
[KRA/OCSP/TKS] -> [KRA]
On Fri, 2013-03-15 at 22:20 -0400, Abhishek Koneru wrote:
Please review the attached patch with fixes for incorrect information
in pkispawn man page.
Also added the sample config files for different installations of pki subsystems.
--Abhishek
_______________________________________________
Pki-devel mailing list
Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel