<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
The attached patch addresses the following PKI issue:<br>
<ul>
<li>TRAC Ticket #350 - Dogtag 10: Remove version numbers from PKI
jar files . . .</li>
</ul>
This patch was checked against the following PKI services
(CA/KRA/OCSP/TKS as a single merged instance):<br>
<ul>
<li>The Dogtag 10 versions of 'dogtag-pki-theme', 'pki-core', and
'pki-console' were all built, installed, and tested on a 64-bit
Fedora 17 machine<br>
</li>
<li>None of the java jars under /usr/share/java/pki contain any
embedded versions in their names, and there are no more symbolic
links</li>
<li>The JNI 'symkey.jar' is a file and contains no embedded
version in its name<br>
</li>
<li>CA</li>
<ul>
<li>after reporting the previously encountered 'certutil -a'
problem on the admin cert, and manually correcting it, I
successfully requested, approved, and issued a certificate
using the 'Maual User Dual-Use Certificate Enrollment' profile<br>
</li>
</ul>
<li>KRA</li>
<ul>
<li>after launching a standalone browser profile (since the KRA
admin certificate will not be prompted for since it is running
on the same port), the keys were successfully archived using
the 'Manual User Signing and Encryption Certificates
Enrollment' profile<a
href="https://dogtag17-clone.usersys.redhat.com:8443/ca/ee/ca/profileSelect?profileId=caDualCert"><font
face="PrimaSans BT, Verdana, sans-serif" size="-1"></font></a></li>
</ul>
<li>OCSP</li>
<ul>
<li>after launching another standalone browser profile (since
the KRA admin certificate will not be prompted for since it is
running on the same port), the command 'OCSPClient
server.example.com 8080 /var/lib/pki/pki-tomcat/alias/
"ocspSigningCert cert-pki-tomcat" 23 22.res 1 /ocsp/ee/ocsp'
was executed from the command line while performing a 'tail -f
/var/log/pki/pki-tomcat/ocsp/debug' which showed communication
with the OCSP server</li>
</ul>
<li>TKS</li>
<ul>
<li>I successfully launched the URL
'<a class="moz-txt-link-freetext" href="http://server.example.com:8080/tks/services">http://server.example.com:8080/tks/services</a>' from a browser</li>
</ul>
<li>PKI Console</li>
<ul>
<li>No GUI was presented for the PKI console when invoking
'pkiconsole <a class="moz-txt-link-freetext" href="https://server.example.com:8443/ca">https://server.example.com:8443/ca</a>', but this
appeared to be a display issue, not a problem with the newly
named jars</li>
</ul>
</ul>
If this patch is found to be acceptable in its current incarnation,
please feel free to push it to the 'master' branch so that it may be
included in the upcoming Beta 2 builds.<br>
<br>
-- Matt<br>
<br>
</body>
</html>