The authenticator configuration has been modified to store the
authentication info in the session so it can be used by other servlets.
An update script has been added to update the configuration in existing
The SSLAuthenticatorWithFalback was modified to propagate the
configuration to the actual authenticator handling the request.
Endi S. Dewata
A skeleton for token service and the clients has been added. Currently
it's storing the database in memory. The actual implementation using
LDAP database will be added after the TPS configuration code is ready.
Endi S. Dewata
Please review the patch which adds a script and also the pylint
configuration file to the code tree. The script is called in the compose
script for core packages before the actual packaging is done. If any
errors or warnings are reported by pylint, the build fails.
I did not add pylint as part of build-requires in the spec file for
pki-core, but have put a check in the script to bypass trying to scan if
pylint is not installed but with a comment stating the same in the log.
We need to back port the proxy port configuration to RHCS 8.1.
This addresses https://bugzilla.redhat.com/show_bug.cgi?id=988189
This is different from the original fix in that we allow the
specification of different ports for each interface.
Please review the attached patch for the following bug:
* *Bugzilla Bug #979559*
--ca_domain_url should be optional
This bug addresses the problem of attempting to configure an instance
using a version of pki-silent which contains the new code with expanded
parameters while using an old template from a previous version of
pki-silent which did not contain these parameters.
Tested by installing and successfully configuring a CA using the newly
patched code with an old template which excluded the "-ca_domain_url"
The Dogtag team is proud to announce the fourth errata build for
Builds are available for Fedora 18 and Fedora 19 in the updates-testing
repositories. Please try them out and provide karma to move them to the
F18 and F19 stable repositories.
== Build Versions ==
== Highlights since Dogtag 10.0.3 ==
* Enhanced pkispawn to provide automatic backup and restore mechanism
for files modified during the upgrade process.
* Improved the summary information at the end of pkispawn to include,
among other things, the location of the agent PKCS #12 file.
* Fixes to pkispawn and the installation servlets to fix cloning.
* Fix to pkispawn to correctly overwrite the pki_issuing_ca when
configuring with an external CA. This resolves an issue reported by IPA
in BZ #986901.
* Numerous fixes to resolve build issues on F19 and RHEL.
== Detailed Changes since Dogtag 10.0.3 ==
#645 Display the admin p12 file location in the installation summary
#680 Missing apache-commons-cli dependency
#665 cloning is broken for second instance in shared subsystems
BZ #973224 - resteasy-base must be split into subpackages
-- Add build dependency on systemd to fix build failures on f19.
-- Modify pkispawn to handle case where no subsystem certs are generated
-- Modify java-tools startup scripts to use correct JNI path
BZ #961522 - Allow key to be exported.
BZ #971561 - server-side key generation causes NullPointerException
if a parameter is not supplied by the caller (TPS)
#582 Man page for pki-upgrade
#583 Automatic backup and rollback on upgrade
BZ #986901 - Fix confguration issues with external CA.
BZ #985111 - token authentication problem on rhel
-- Removing JNI_JAR_DIR from /etc/pki/pki.conf.
-- Fixed library paths for RHEL.
BZ #986506 - exclude pki-kra, pki-ocsp and pki-tks from rhel
BZ #975939 - RHCS 8.1: "END CERTIFICATE" tag is not on it's own line