[Pki-devel] [PATCH] fixes to move to admin port for cloning CA's (RHCS 8.x)

Tue Feb 12 20:11:18 UTC 2013

We want to use the admin interface for installation work.  This patch
moves the interfaces used in cloning from either the EE or agent
interface to the admin one.  See:
http://pki.fedoraproject.org/wiki/8.1_installer_work_for_cloning

Specifically, 
1. Change call to use /ca/admin/ca/getCertChain
2. Remove unneeded getTokenInfo servlet.  The logic not to use this
servlet has already been committed to dogtag 10.
3. Move updateNumberRange to the admin interface.  For backward
compatibility with old instances, the install code will
call /ca/agent/updateNumberRange as a fallback.
4. Add updateDomainXML to admin interface.  For backward compatibility,
updateDomainXML will continue to be exposed on the agent interface with
agent client auth.
5. Changed pkidestroy to get an install token and use the admin
interface to update the security domain.  For backward compatibility,
the user and password and not specified as mandatory arguments -
although we want to do that in future.
6. Added tokenAuthenticate to the admin interface. 

Note, existing subsystems will need to have config changes manually
added in order to use the new interfaces.  Instructions will be added to
the link above.  With new instances, you should be able to clone a CA
all on the admin interface.

The patches are for the PKI_8_1_ERRATA_BRANCH and PKI_8_BRANCH

Please review, 
Ade
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cloning.8.errata.patch
Type: text/x-patch
Size: 100259 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20130212/1aa13d22/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cloning.PKI_8_BRANCH.patch
Type: text/x-patch
Size: 100749 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20130212/1aa13d22/attachment-0001.bin>