[Pki-devel] [PATCH] Removed more inaccessible URLs from server.xml
Matthew Harmsen
mharmsen at redhat.com
Tue Aug 4 22:43:19 UTC 2015
Please review the attached patch which addresses the following two tickets:
* PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI
subsystems which are not accessible
<https://fedorahosted.org/pki/ticket/1443>
* PKI TRAC Ticket #1518 - OCSP ee url returned by pkidaemon status
tomcat shows an error page <https://fedorahosted.org/pki/ticket/1518>
These were tested by installing four new instances and running
'pkidaemon status tomcat pki-tomcat'. The following four inaccessible
URLs no longer showed up:
* *Unsecure URL = http://pki.example.com:8080/kra/ee/kra* (1443)
* *Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp* (1518)
* *Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp* (1518)
* *Unsecure URL = http://pki.example.com:8080/tks/ee/tks* (1443)
Additionally, a test was run which showed that the upgrade code worked
successfully:
# pkidaemon status tomcat pki-tomcat
Status for pki-tomcat: pki-tomcat is running ..
[CA Status Definitions]
Unsecure URL = http://pki.example.com:8080/ca/ee/ca
Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
Secure EE URL = https://pki.example.com:8443/ca/ee/ca
Secure Admin URL = https://pki.example.com:8443/ca/services
PKI Console Command = pkiconsole https://pki.example.com:8443/ca
Tomcat Port = 8005 (for shutdown)
[DRM Status Definitions]
* Unsecure URL = http://pki.example.com:8080/kra/ee/kra*
Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
Secure Admin URL = https://pki.example.com:8443/kra/services
PKI Console Command = pkiconsole https://pki.example.com:8443/kra
Tomcat Port = 8005 (for shutdown)
[OCSP Status Definitions]
* Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp*
Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
* Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp*
Secure Admin URL = https://pki.example.com:8443/ocsp/services
PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
Tomcat Port = 8005 (for shutdown)
[TKS Status Definitions]
* Unsecure URL = http://pki.example.com:8080/tks/ee/tks*
Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
Secure Admin URL = https://pki.example.com:8443/tks/services
PKI Console Command = pkiconsole https://pki.example.com:8443/tks
Tomcat Port = 8005 (for shutdown)
[CA Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: Root CA (Security Domain)
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
[DRM Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: DRM
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
[OCSP Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: OCSP
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
[TKS Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: TKS
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
After running the upgrade script, the inaccessible URLs were removed:
# pkidaemon status tomcat pki-tomcat
Status for pki-tomcat: pki-tomcat is running ..
[CA Status Definitions]
Unsecure URL = http://pki.example.com:8080/ca/ee/ca
Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
Secure EE URL = https://pki.example.com:8443/ca/ee/ca
Secure Admin URL = https://pki.example.com:8443/ca/services
PKI Console Command = pkiconsole https://pki.example.com:8443/ca
Tomcat Port = 8005 (for shutdown)
[DRM Status Definitions]
Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
Secure Admin URL = https://pki.example.com:8443/kra/services
PKI Console Command = pkiconsole https://pki.example.com:8443/kra
Tomcat Port = 8005 (for shutdown)
[OCSP Status Definitions]
Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
Secure Admin URL = https://pki.example.com:8443/ocsp/services
PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
Tomcat Port = 8005 (for shutdown)
[TKS Status Definitions]
Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
Secure Admin URL = https://pki.example.com:8443/tks/services
PKI Console Command = pkiconsole https://pki.example.com:8443/tks
Tomcat Port = 8005 (for shutdown)
[CA Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: Root CA (Security Domain)
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
[DRM Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: DRM
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
[OCSP Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: OCSP
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
[TKS Configuration Definitions]
PKI Instance Name: pki-tomcat
PKI Subsystem Type: TKS
Registered PKI Security Domain Information:
==========================================================================
Name: example.com Security Domain
URL: https://pki.example.com:8443
==========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20150804/5a728654/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 20150804-remove-more-inaccessible-URLs-from-server.xml.patch
Type: text/x-patch
Size: 4877 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20150804/5a728654/attachment.bin>
More information about the Pki-devel
mailing list