[PATCH] 529 Updated KRA Python client library.
by Endi Sukma Dewata
The Python client library for KRA has been modified to simplify
the usage. The NSSCryptoProvider's setup_database() and __init__()
now take a password file parameter. The import_cert() now can
take either cert binary/encoded data or CertData object. It also
provides a default value for the trust attribute. The KRAClient
now stores the crypto provider object.
The KRA test has been updated to provide options to override
the default test configuration (e.g. hostname, port). It also has
been modified to use a temporary NSS database. The setup document
has been updated to describe the process to run the test as root
and as a regular user.
--
Endi S. Dewata
10 years, 4 months
[PATCH] 106, 107 Fixes for tickets 1036 and 1037
by Abhishek Koneru
Please review the attached patches with fixes for tickets 1036(man page
for profile CLI commands) and 1037 (issue in request status on
reject/cancel action on a key request).
-- Abhishek
10 years, 4 months
[PATCH] 236 - fix installation of subca with own security domain
by Ade Lee
This fixes issue 1132 and allows pkispawn to successfully install a
subCA that hosts its own security domain.
This was, in retrospect, a lot harder than I thought it was going to be.
Prior to this patch, we simply did not support this configuration with
pkispawn.
Two new parameters are introduced:
pki_subordinate_create_new_security_domain=False
pki_subordinate_security_domain_name=%(pki_dns_domainname)s Subordinate Security Domain
See man pages for correct usage.
There is only one issue left. When removing the subca using pkidestroy,
removing the entry from the master security domain currently fails due
to authentication. I'll fix that in the next patch.
This is tricky stuff so please review carefully.
Thanks.
Ade
10 years, 4 months