November 2016 - Pki-devel - Dogtag Pki List Archives

[PATCH] 873 Added subsystem logging.properties for debugging.

by Endi Sukma Dewata

A new logging.properties has been added to each subsystem to define the PKI packages to be logged in the debug log. The server logging.properties has been updated to define the debug log handlers for each subsystem. The pki.policy has been modified to allow Tomcat to read the default logging.properties files in /usr/share/pki and to generate debug logs in instance subfolders. https://fedorahosted.org/pki/ticket/195 -- Endi S. Dewata

8 years, 5 months

1
1
0 / 0

[PATCH] 874 Updated PKI server logging service to use SLF4J.

by Endi Sukma Dewata

The PKI server logging service has been modified to utilize SLF4J internally while maintaining the same API. This will allow incremental transition to SLF4J. https://fedorahosted.org/pki/ticket/195 -- Endi S. Dewata

8 years, 5 months

1
1
0 / 0

[PATCH] 875 Updated server logging.properties.

by Endi Sukma Dewata

The server logging.properties has been modified to log low level messages into catalina log for troubleshooting non-PKI issues (e.g. RESTEasy). High level messages (i.e. errors and warnings) will continue to be logged on the console. The pki-server-logging man page has been updated accordingly. https://fedorahosted.org/pki/ticket/195 -- Endi S. Dewata

8 years, 5 months

1
0
0 / 0

[PATCH] pki-cfu-0156-Ticket-2534-Automatic-recovery-of-encryption-cert-CA.patch

by Christina Fu

https://fedorahosted.org/pki/ticket/2534 Automatic recovery of encryption cert - CA and TPS tokendb shows different certificate status This patch fixes the reported issue so now the auto-recovered certificate will reflect the actual status of the certificate. Also, since the externalReg tracks its own recovered certificate status, it is consolidated with the certificate status tracking mechanism added in this patch so that they can be uniformly managed. thanks, Christina

8 years, 5 months

1
1
0 / 0

[PATCH] 872 Update PKCS12Util to use SLF4J.

by Endi Sukma Dewata

The PKCS12Util class has been modified to use SLF4J logging framework. The CMake scripts has been modified to include SLF4J libraries in the classpath. The spec file has been modified to add SLF4J dependencies. https://fedorahosted.org/pki/ticket/195 -- Endi S. Dewata

8 years, 5 months

1
0
0 / 0

[PATCH] 868-871 Added man pages for logging configuration

by Endi Sukma Dewata

Attached are patches to clean up and to add man pages for the logging configuration. -- Endi S. Dewata

8 years, 5 months

2
2
0 / 0

[PATCH] 867 Fixed hanging subordinate CA with HSM installation in FIPS mode.

by Endi Sukma Dewata

When installing subordinate CA with HSM, the installer calls the pki CLI (which is implemented using JSS) to validate the imported CA certificate in HSM. Normally, the HSM password is specified as CLI parameter, but in FIPS mode JSS requires both the HSM and the internal token passwords. Since the CLI only takes one password, JSS will prompt for the missing one on the console causing the installation to hang. As a temporary solution, the pki-server subsystem-cert-validate command has been modified to validate certificates stored in the internal token only and it will use the internal token password, so only a single password is required. Further investigation in CLI/JSS/NSS is needed to support validating certificates in HSM without password prompts. https://fedorahosted.org/pki/ticket/2543 -- Endi S. Dewata

8 years, 5 months

1
1
0 / 0

[PATCH] 866 Fixed problem installing subordinate CA with HSM in FIPS mode.

by Endi Sukma Dewata

Due to certutil issue (bug #1393668) the installation code has been modified to import certificates into the NSS database in two steps. This workaround is needed to install subordinate CA with HSM in FIPS mode. First, the certificate will be imported into the HSM using the HSM password without the trust attributes. Then, the certificate will be imported into the internal token using the internal token password with the trust attributes. https://fedorahosted.org/pki/ticket/2543 -- Endi S. Dewata

8 years, 5 months

2
2
0 / 0

[PATCH] 865 Moved policy framework classes to org.dogtagpki.legacy.

by Endi Sukma Dewata

To discourage the use of policy framework, the framework classes have been moved into org.dogtagpki.legacy. https://fedorahosted.org/pki/ticket/6 -- Endi S. Dewata

8 years, 5 months

2
2
0 / 0

[PATCH] 864 Generalized list of files in CMakeLists.txt.

by Endi Sukma Dewata

The list of source and class files in some CMake files have been generalized to allow renaming Java packages without changing the CMake files again. https://fedorahosted.org/pki/ticket/6 I've verified that the new CMake files do not change the content of the JAR files. -- Endi S. Dewata

8 years, 5 months

2
2
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Pki-devel November 2016