The installer script has been modified to validate security domain
info in both interactive and silent installation.
A basic Python API has been added to access the REST interface.
Endi S. Dewata
Attached is a patch for ticket #477. The code is done, but since the
patch renames one of the files in the deployed webapps there probably
needs to be a migration script. This needs to be discussed further.
Endi S. Dewata
We want to use the admin interface for installation work. This patch
moves the interfaces used in cloning from either the EE or agent
interface to the admin one. See:
1. Change call to use /ca/admin/ca/getCertChain
2. Remove unneeded getTokenInfo servlet. The logic not to use this
servlet has already been committed to dogtag 10.
3. Move updateNumberRange to the admin interface. For backward
compatibility with old instances, the install code will
call /ca/agent/updateNumberRange as a fallback.
4. Add updateDomainXML to admin interface. For backward compatibility,
updateDomainXML will continue to be exposed on the agent interface with
agent client auth.
5. Changed pkidestroy to get an install token and use the admin
interface to update the security domain. For backward compatibility,
the user and password and not specified as mandatory arguments -
although we want to do that in future.
6. Added tokenAuthenticate to the admin interface.
Note, existing subsystems will need to have config changes manually
added in order to use the new interfaces. Instructions will be added to
the link above. With new instances, you should be able to clone a CA
all on the admin interface.
The patches are for the PKI_8_1_ERRATA_BRANCH and PKI_8_BRANCH