[PATCH] 1009 Added audit logs for SSL/TLS events.
by Endi Sukma Dewata
The CMSStartServlet has been modified to register an SSL socket
listener called PKIServerSocketListener to TomcatJSS.
The PKIServerSocketListener will receive the alerts generated by
SSL server sockets and generate ACCESS_SESSION_* audit logs.
The CS.cfg for all subsystems have been modified to include
ACCESS_SESSION_* audit events.
https://pagure.io/dogtagpki/issue/2602
ACKed by cfu with a few changes. Pushed to master.
--
Endi S. Dewata
7 years, 10 months
[PATCH] CMC RFE: provide Proof of Possession for encryption cert requests (encryptedPOP and decrypedPOP)
by Christina Fu
This patch provides the feature implementation for CMC encryptedPOP and decrypedPOP used for Proof of Possession for encryption keys in the following ticket:
#2615 CMC: provide Proof of Possession for encryption cert requests
Note tha it is an incremental patch based off
#2613 CMC: id-cmc-identityProofV2 feature implementation
Which I submitted yesterday
There will be a small "cleanup" patch after this.
thanks,
Christina
7 years, 10 months
[PATCH] 992-1001 Fixed unnecessary CLI connection.
by Endi Sukma Dewata
Previously the CLI would unnecessarily try to connect to the server
while executing commands that do not need connection. The problem has
been fixed using lazy initialization of the PKIClient object.
Pushed to master under trivial rule.
--
Endi S. Dewata
7 years, 10 months