[Pki-devel] [PATCH] 827 Added support to create system certificates in different tokens.

Ade Lee alee at redhat.com
Fri Sep 2 15:12:47 UTC 2016 

This looks OK to me.  I will merge it

Ade

On Thu, 2016-09-01 at 11:04 -0400, Endi Sukma Dewata wrote:
> I think if you search for the usage of CryptoToken.login(), it's done
> at the beginning of configuration servlet (SystemConfigService) and
> in the beginning of server startup (JssSubsystem). TomcatJSS might
> also do the same thing (I haven't checked the code).
> 
> This patch doesn't change the order of token login and the
> certificate creations. It mainly changes how the tokenname parameters
> are initialized. Previously it's done by the configuration servlet
> but with the wrong value. Now it's done in pkispawn with the correct
> value.
> 
> --
> Endi S. Dewata
> 
> ----- Original Message -----
> > 
> > 
> > I'm less familiar with the area, so I'm just going to ask a
> > question. Where
> > in the new code does it handle taking in passwords and logging into
> > the
> > extra token(s)?
> > 
> > 
> > thanks,
> > 
> > Christina
> > 
> > On 08/31/2016 12:35 PM, Endi Sukma Dewata wrote:
> > 
> > 
> > Previously all system certificates were always created in the same
> > token specified in the pki_token_name parameter.
> > 
> > To allow creating system certificates in different tokens, the
> > configuration.py has been modified to store the system certificate
> > token names specified in pki_<cert>_token parameters into the
> > CS.cfg before the server is started.
> > 
> > After the server is started, the configuration servlet will read
> > the token names from the CS.cfg and create the certificates in the
> > appropriate token.
> > 
> > https://fedorahosted.org/pki/ticket/2449
> > 
> > 
> > 
> > _______________________________________________
> > Pki-devel mailing list Pki-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-devel
> > 
> > 
> > _______________________________________________
> > Pki-devel mailing list
> > Pki-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-devel
> 
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel

More information about the Pki-devel mailing list