[PATCH] 281 Added skeleton for token services.
by Endi Sukma Dewata
A skeleton for token service and the clients has been added. Currently
it's storing the database in memory. The actual implementation using
LDAP database will be added after the TPS configuration code is ready.
Ticket #652
--
Endi S. Dewata
11 years, 8 months
[PATCH] 71 Patch for ticket 316- Adding pylint to the build process
by Abhishek Koneru
Please review the patch which adds a script and also the pylint
configuration file to the code tree. The script is called in the compose
script for core packages before the actual packaging is done. If any
errors or warnings are reported by pylint, the build fails.
I did not add pylint as part of build-requires in the spec file for
pki-core, but have put a check in the script to bypass trying to scan if
pylint is not installed but with a comment stating the same in the log.
--Abhishek
11 years, 8 months
[PATCH - RHCS 8.1 ONLY] Bugzilla Bug #979559 - Parameter --ca_domain_url should be optional [REVISED]
by Matthew Harmsen
Please review the attached patch for the following RHCS 8.1 bug:
* *Bugzilla Bug #979559*
<https://bugzilla.redhat.com/show_bug.cgi?id=979559>-Parameter
--ca_domain_url should be optional
This bug addresses the problem of attempting to configure an instance
using a version of pki-silent which contains the new code with expanded
parameters while using an old template from a previous version of
pki-silent which did not contain these parameters.
Tested by installing and successfully configuring a CA, KRA, TKS, and
TPS using legacy templates as well as successfully configuring a CA,
KRA, TKS, and TPS using the new templates.
The attached code was revised to exclude the DRM/TKS agent hostname:port
and provide more verbose help messages regarding the optional new URL
parameters.
For readability sake, the new URL help messages follow:
# pkisilent ConfigureCA -help | grep _url
-ca_domain_url <string> CA Subject Names Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates for Creation of this CA Instance (optional but
recommended for IP Port Separation)
# pkisilent ConfigureDRM -help | grep _url
-ca_domain_url <string> DRM Subject Names Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates for Creation of this DRM Instance (optional but
recommended for IP Port Separation)
# pkisilent ConfigureOCSP -help | grep _url
-ca_domain_url <string> OCSP Subject Names Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates for Creation of this OCSP Instance (optional but
recommended for IP Port Separation)
# pkisilent ConfigureTKS -help | grep _url
-ca_domain_url <string> TKS Subject Names Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates for Creation of this TKS Instance (optional but
recommended for IP Port Separation)
# pkisilent ConfigureRA -help | grep _url
-ca_issuance_url <string> CA Choice Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates (optional but recommended if used with IP Port
Separated CA)
-ca_domain_url <string> RA Subject Names Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates for Creation of this RA Instance (optional but
recommended if used with IP Port Separated CA)
# pkisilent ConfigureTPS -help | grep _url
-ca_issuance_url <string> CA Choice Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA registered in
this security domain used to Issue Certificates for use by an ESC
(optional but recommended if used with IP Port Separated CA)
-tks_key_management_url <string> TKS Choice Panel -
'https://<tks_agent_hostname>:<tks_agent_port>' URL to Agent TKS
used for Key Management (optional but recommended if used with IP
Port Separated TKS)
-drm_server_side_keygen_url <string> DRM Choice Panel -
'https://<drm_agent_hostname>:<drm_agent_port>' URL to Agent DRM
used for Server-Side Keygen (optional but recommended if used with
IP Port Separated DRM)
-ca_domain_url <string> TPS Subject Names Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates for Creation of this TPS Instance (optional but
recommended if used with IP Port Separated CA)
# pkisilent ConfigureSubCA -help | grep _url
-ca_domain_url <string> SubCA Subject Names Panel -
'https://<ca_ee_hostname>:<ca_ee_port>' URL to EE CA used to Issue
Certificates for Creation of this SubCA Instance (optional but
recommended for IP Port Separation)
11 years, 8 months
[PATCH] 285 Reorganized PKIPrincipal.
by Endi Sukma Dewata
The PKIPrincipal is in cmscore package but it's needed by the REST
services in cms package so the class has been moved into cms package.
--
Endi S. Dewata
11 years, 8 months
[PATCH] 283 Refactored authentication managers.
by Endi Sukma Dewata
The CertUserDBAuthentication and PasswdUserDBAuthentication are
authentication managers in cmscore package but they are needed by
PKIRealm that is now in cms package, so new interfaces have been
refactored from these classes so they can be used without causing
dependency issue.
--
Endi S. Dewata
11 years, 8 months
