[Pki-devel] [PATCH] Removed more inaccessible URLs from server.xml

John Magne jmagne at redhat.com
Fri Aug 7 23:25:14 UTC 2015 

Looks like what we discussed in IRC :

ACK

----- Original Message -----
From: "Matthew Harmsen" <mharmsen at redhat.com>
To: "pki-devel" <pki-devel at redhat.com>
Sent: Friday, August 7, 2015 3:36:14 PM
Subject: Re: [Pki-devel] [PATCH] Removed more inaccessible URLs from	server.xml

Per discussions via email and IRC, the attached patch restores and modifies the two OCSP URL links. Additionally, this patch alters the pkidaemon man page to reflect these changes. 

-- Matt 


On 08/04/15 16:43, Matthew Harmsen wrote: 


Please review the attached patch which addresses the following two tickets: 


    * PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI subsystems which are not accessible 
    * PKI TRAC Ticket #1518 - OCSP ee url returned by pkidaemon status tomcat shows an error page 


These were tested by installing four new instances and running 'pkidaemon status tomcat pki-tomcat'. The following four inaccessible URLs no longer showed up: 


    * Unsecure URL = http://pki.example.com:8080/kra/ee/kra (1443) 
    * Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp (1518) 
    * Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp (1518) 
    * Unsecure URL = http://pki.example.com:8080/tks/ee/tks (1443) 


Additionally, a test was run which showed that the upgrade code worked successfully: 


# pkidaemon status tomcat pki-tomcat 
Status for pki-tomcat: pki-tomcat is running .. 

[CA Status Definitions] 
Unsecure URL = http://pki.example.com:8080/ca/ee/ca 
Secure Agent URL = https://pki.example.com:8443/ca/agent/ca 
Secure EE URL = https://pki.example.com:8443/ca/ee/ca 
Secure Admin URL = https://pki.example.com:8443/ca/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/ca 
Tomcat Port = 8005 (for shutdown) 

[DRM Status Definitions] 
Unsecure URL = http://pki.example.com:8080/kra/ee/kra 
Secure Agent URL = https://pki.example.com:8443/kra/agent/kra 
Secure Admin URL = https://pki.example.com:8443/kra/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/kra 
Tomcat Port = 8005 (for shutdown) 

[OCSP Status Definitions] 
Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp 
Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp 
Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp 
Secure Admin URL = https://pki.example.com:8443/ocsp/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp 
Tomcat Port = 8005 (for shutdown) 

[TKS Status Definitions] 
Unsecure URL = http://pki.example.com:8080/tks/ee/tks 
Secure Agent URL = https://pki.example.com:8443/tks/agent/tks 
Secure Admin URL = https://pki.example.com:8443/tks/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/tks 
Tomcat Port = 8005 (for shutdown) 

[CA Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: Root CA (Security Domain) 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 

[DRM Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: DRM 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 

[OCSP Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: OCSP 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 

[TKS Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: TKS 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 
After running the upgrade script, the inaccessible URLs were removed: 


# pkidaemon status tomcat pki-tomcat 
Status for pki-tomcat: pki-tomcat is running .. 

[CA Status Definitions] 
Unsecure URL = http://pki.example.com:8080/ca/ee/ca 
Secure Agent URL = https://pki.example.com:8443/ca/agent/ca 
Secure EE URL = https://pki.example.com:8443/ca/ee/ca 
Secure Admin URL = https://pki.example.com:8443/ca/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/ca 
Tomcat Port = 8005 (for shutdown) 

[DRM Status Definitions] 
Secure Agent URL = https://pki.example.com:8443/kra/agent/kra 
Secure Admin URL = https://pki.example.com:8443/kra/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/kra 
Tomcat Port = 8005 (for shutdown) 

[OCSP Status Definitions] 
Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp /<ocsp request blob> 




Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp 
Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp /<ocsp request blob> 




Secure Admin URL = https://pki.example.com:8443/ocsp/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp 
Tomcat Port = 8005 (for shutdown) 

[TKS Status Definitions] 
Secure Agent URL = https://pki.example.com:8443/tks/agent/tks 
Secure Admin URL = https://pki.example.com:8443/tks/services 
PKI Console Command = pkiconsole https://pki.example.com:8443/tks 
Tomcat Port = 8005 (for shutdown) 

[CA Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: Root CA (Security Domain) 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 

[DRM Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: DRM 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 

[OCSP Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: OCSP 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 

[TKS Configuration Definitions] 
PKI Instance Name: pki-tomcat 

PKI Subsystem Type: TKS 

Registered PKI Security Domain Information: 
========================================================================== 
Name: example.com Security Domain 
URL: https://pki.example.com:8443 
========================================================================== 



_______________________________________________
Pki-devel mailing list
Pki-devel at redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

More information about the Pki-devel mailing list