[Pki-devel] [PATCH] 158 - add interactive install for the tomcat tps
Ade Lee
alee at redhat.com
Fri Sep 20 13:11:02 UTC 2013
Ok, made the suggested changes. New patch attached.
The current output now looks like this:
Subsystem (CA/KRA/OCSP/TKS/TPS) [CA]: TPS
Tomcat:
Instance [pki-tomcat]:
HTTP port [8080]:
Secure HTTP port [8443]:
AJP port [8009]:
Management port [8005]:
Administrator:
Username [tpsadmin]:
Password:
Verify password:
Import certificate (Yes/No) [Y]?
Import certificate from [/root/.dogtag/pki-tomcat/ca_admin.cert]:
Export certificate to [/root/.dogtag/pki-tomcat/tps_admin.cert]:
Directory Server:
Hostname [vm-132.idm.lab.bos.redhat.com]:
Port [389]: 55389
Bind DN [cn=Directory Manager]:
Password:
Base DN [o=pki-tomcat-TPS]:
Base DN already exists. Overwrite (Yes/No/Quit)? Yes
Security Domain:
Hostname [vm-132.idm.lab.bos.redhat.com]:
Secure HTTP port [8443]:
Name: domain 0917 take 2
Username [caadmin]:
Password:
External Servers:
CA URL [https://vm-132.idm.lab.bos.redhat.com:8443]:
TKS URL [https://vm-132.idm.lab.bos.redhat.com:8443]:
Enable server side key generation (Yes/No) [No]? Yes
KRA URL [https://vm-132.idm.lab.bos.redhat.com:8443]:
Authentication Database:
Hostname [vm-132.idm.lab.bos.redhat.com]:
Port [389]:
Base DN: dc=redhat,dc=com
Begin installation (Yes/No/Quit)?
All good?
Ade
On Thu, 2013-09-19 at 17:16 -0500, Endi Sukma Dewata wrote:
> On 9/19/2013 1:13 PM, Ade Lee wrote:
> > This patch adds interactive install for the tomcat tps.
> >
> > Please review,
> > Ade
>
> Some issues:
>
> 1. The following line doesn't assign the result to the status variable:
>
> parser.get_server_status('tks', 'pki_tks_uri')
>
> 2. My TPS installation failed to create the database. I'm still
> investigating the problem.
>
>
> There are some minor visual issues, please see if they make sense. This
> is the current pkispawn output:
>
> TPS Parameters:
> CA URI [https://localhost:8443]:
> TKS URI [https://localhost:8443]:
> Enable Server Side Key Generation (Yes/No)? y
> DRM URI [https://localhost:8443]:
> Authentication Database Hostname [localhost]:
> Authentication Database Port [389]:
> Authentication Database Base DN: dc=example,dc=com
> Begin installation (Yes/No/Quit)?
>
> 3. Instead of "TPS Parameters" we can use "Token Processing Service" or
> "External Servers".
>
> 4. The "Authentication Database" could also be put into a separate
> section to avoid repetitions.
>
> 5. To be consistent the questions shouldn't use capital letters unless
> it's the beginning of the sentence, in abbreviations or names. So in
> this case the questions should say:
>
> Enable server-side key generation
> Authentication database hostname
> Authentication database port
> Authentication database base DN
>
> 6. The "Enable server-side key generation" question probably should have
> a default value of "N". This way someone trying out TPS can continue
> with minimal configuration.
>
> 7. There has been an unresolved issue about the usage of KRA vs DRM.
> However, since pkispawn has consistently use KRA in its output, we
> should use that instead of DRM.
>
> 8. It's probably better to use "URL" or "location" instead of "URI"
> since the value has to point to an actual location, not just a name. We
> probably have been using URI incorrectly in the code.
>
> 9. There should be a single blank line between the last question and
> "Begin installation" to signify the end of questions.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-vakwetu-0158-1-Added-interactive-install-for-tomcat-TPS.patch
Type: text/x-patch
Size: 9217 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20130920/18e3363c/attachment.bin>
More information about the Pki-devel
mailing list