<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Please review the attached patch which addresses the following two
tickets:<br>
<ul>
<li><a href="https://fedorahosted.org/pki/ticket/1443">PKI TRAC
Ticket #1443 - pkidaemon status tomcat list URLs under PKI
subsystems which are not accessible</a></li>
<li><a href="https://fedorahosted.org/pki/ticket/1518">PKI TRAC
Ticket #1518 - OCSP ee url returned by pkidaemon status tomcat
shows an error page</a></li>
</ul>
<p>These were tested by installing four new instances and running
'pkidaemon status tomcat pki-tomcat'. The following four
inaccessible URLs no longer showed up:<br>
</p>
<ul>
<li><b>Unsecure URL =
<a class="moz-txt-link-freetext" href="http://pki.example.com:8080/kra/ee/kra">http://pki.example.com:8080/kra/ee/kra</a></b> (1443)<br>
</li>
<li><b>Unsecure URL =
<a class="moz-txt-link-freetext" href="http://pki.example.com:8080/ocsp/ee/ocsp">http://pki.example.com:8080/ocsp/ee/ocsp</a></b> (1518)<br>
</li>
<li><b>Secure EE URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp/ee/ocsp">https://pki.example.com:8443/ocsp/ee/ocsp</a></b> (1518)<br>
</li>
<li><b>Unsecure URL =
<a class="moz-txt-link-freetext" href="http://pki.example.com:8080/tks/ee/tks">http://pki.example.com:8080/tks/ee/tks</a></b> (1443)</li>
</ul>
<p>Additionally, a test was run which showed that the upgrade code
worked successfully:<br>
</p>
<blockquote># pkidaemon status tomcat pki-tomcat<br>
Status for pki-tomcat: pki-tomcat is running ..<br>
<br>
[CA Status Definitions]<br>
Unsecure URL = <a class="moz-txt-link-freetext" href="http://pki.example.com:8080/ca/ee/ca">http://pki.example.com:8080/ca/ee/ca</a><br>
Secure Agent URL = <a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca/agent/ca">https://pki.example.com:8443/ca/agent/ca</a><br>
Secure EE URL = <a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca/ee/ca">https://pki.example.com:8443/ca/ee/ca</a><br>
Secure Admin URL = <a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca/services">https://pki.example.com:8443/ca/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca">https://pki.example.com:8443/ca</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[DRM Status Definitions]<br>
<b> Unsecure URL =
<a class="moz-txt-link-freetext" href="http://pki.example.com:8080/kra/ee/kra">http://pki.example.com:8080/kra/ee/kra</a></b><br>
Secure Agent URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/kra/agent/kra">https://pki.example.com:8443/kra/agent/kra</a><br>
Secure Admin URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/kra/services">https://pki.example.com:8443/kra/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/kra">https://pki.example.com:8443/kra</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[OCSP Status Definitions]<br>
<b> Unsecure URL =
<a class="moz-txt-link-freetext" href="http://pki.example.com:8080/ocsp/ee/ocsp">http://pki.example.com:8080/ocsp/ee/ocsp</a></b><br>
Secure Agent URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp/agent/ocsp">https://pki.example.com:8443/ocsp/agent/ocsp</a><br>
<b> Secure EE URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp/ee/ocsp">https://pki.example.com:8443/ocsp/ee/ocsp</a></b><br>
Secure Admin URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp/services">https://pki.example.com:8443/ocsp/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp">https://pki.example.com:8443/ocsp</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[TKS Status Definitions]<br>
<b> Unsecure URL =
<a class="moz-txt-link-freetext" href="http://pki.example.com:8080/tks/ee/tks">http://pki.example.com:8080/tks/ee/tks</a></b><br>
Secure Agent URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/tks/agent/tks">https://pki.example.com:8443/tks/agent/tks</a><br>
Secure Admin URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/tks/services">https://pki.example.com:8443/tks/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/tks">https://pki.example.com:8443/tks</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[CA Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: Root CA (Security Domain)<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
<br>
[DRM Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: DRM<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
<br>
[OCSP Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: OCSP<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
<br>
[TKS Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: TKS<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
</blockquote>
After running the upgrade script, the inaccessible URLs were
removed:<br>
<blockquote># pkidaemon status tomcat pki-tomcat<br>
Status for pki-tomcat: pki-tomcat is running ..<br>
<br>
[CA Status Definitions]<br>
Unsecure URL = <a class="moz-txt-link-freetext" href="http://pki.example.com:8080/ca/ee/ca">http://pki.example.com:8080/ca/ee/ca</a><br>
Secure Agent URL = <a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca/agent/ca">https://pki.example.com:8443/ca/agent/ca</a><br>
Secure EE URL = <a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca/ee/ca">https://pki.example.com:8443/ca/ee/ca</a><br>
Secure Admin URL = <a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca/services">https://pki.example.com:8443/ca/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ca">https://pki.example.com:8443/ca</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[DRM Status Definitions]<br>
Secure Agent URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/kra/agent/kra">https://pki.example.com:8443/kra/agent/kra</a><br>
Secure Admin URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/kra/services">https://pki.example.com:8443/kra/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/kra">https://pki.example.com:8443/kra</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[OCSP Status Definitions]<br>
Secure Agent URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp/agent/ocsp">https://pki.example.com:8443/ocsp/agent/ocsp</a><br>
Secure Admin URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp/services">https://pki.example.com:8443/ocsp/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/ocsp">https://pki.example.com:8443/ocsp</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[TKS Status Definitions]<br>
Secure Agent URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/tks/agent/tks">https://pki.example.com:8443/tks/agent/tks</a><br>
Secure Admin URL =
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/tks/services">https://pki.example.com:8443/tks/services</a><br>
PKI Console Command = pkiconsole
<a class="moz-txt-link-freetext" href="https://pki.example.com:8443/tks">https://pki.example.com:8443/tks</a><br>
Tomcat Port = 8005 (for shutdown)<br>
<br>
[CA Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: Root CA (Security Domain)<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
<br>
[DRM Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: DRM<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
<br>
[OCSP Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: OCSP<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
<br>
[TKS Configuration Definitions]<br>
PKI Instance Name: pki-tomcat<br>
<br>
PKI Subsystem Type: TKS<br>
<br>
Registered PKI Security Domain Information:<br>
==========================================================================<br>
Name: example.com Security Domain<br>
URL: <a class="moz-txt-link-freetext" href="https://pki.example.com:8443">https://pki.example.com:8443</a><br>
==========================================================================<br>
<br>
</blockquote>
</body>
</html>