Bug 485561
Summary: | pki-silent is broken in dogtag 1.0.0 | ||
---|---|---|---|
Product: | [Retired] Dogtag Certificate System | Reporter: | Roman Kisilenko <rkisilenko> |
Component: | Other | Assignee: | Ade Lee <alee> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 1.0 | CC: | alee, awnuk, benl, cfu, jmagne, tscherf |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-04-02 18:40:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 443788 |
Description
Roman Kisilenko
2009-02-14 13:23:04 UTC
That specific problem has been fixed. Please update from the latest source tree. As of today, the latest version is: pki-silent-1.0.0-8 You will also need to specify several parameters. Here is an example invocation from a python script. You can easily pick out the parameters here. args = ["/usr/bin/perl", "/usr/bin/pkisilent", "ConfigureCA", "-cs_hostname", options.host_name, "-cs_port", str(secure_port), "-client_certdb_dir", client_certdb_dir, "-client_certdb_pwd", options.admin_password, "-preop_pin" , preop_pin, "-domain_name", options.domain_name, "-admin_user", admin_user, "-admin_email", admin_email, "-admin_password", options.admin_password, "-agent_name", agent_name, "-agent_key_size", str(key_size), "-agent_key_type", str(key_type), "-agent_cert_subject", agent_cert_subject + options.domain_name + "\"", "-ldap_host", options.host_name, "-ldap_port", str(ldap_port), "-bind_dn", bind_dn, "-bind_password", options.dm_password, "-base_dn", base_dn, "-db_name", db_name, "-key_size", str(key_size), "-key_type", str(key_type), "-save_p12", "true", "-backup_pwd", options.admin_password, "-subsystem_name", pki_instance_name, "-token_name", token_name, "-ca_subsystem_cert_subject_name", ca_subsystem_cert_subject_name + options.domain_name + "\"", "-ca_ocsp_cert_subject_name", ca_ocsp_cert_subject_name + options.domain_name + "\"", "-ca_server_cert_subject_name", "CN=" + options.host_name + ",O=" + options.domain_name, "-ca_sign_cert_subject_name", ca_sign_cert_subject_name + options.domain_name + "\"" ] if (options.external): args.append("-external") args.append("true") args.append("-ext_csr_file") args.append(ext_csr_file) if (options.cacertfile): args.append("-ext_ca_cert_file") args.append(options.cacertfile) if (options.cacertchainfile): args.append("-ext_ca_cert_chain_file") args.append(options.cacertchainfile) else: args.append("-external") args.append("false") if (options.clone): args.append("-clone") args.append("true") args.append("-clone_p12_file") args.append(options.clonefile) args.append("-clone_p12_password") args.append(options.clonepasswd) args.append("-clone_uri") args.append(options.cloneURI) args.append("-sd_hostname") args.append(options.sd_hostname) args.append("-sd_ssl_port") args.append(options.sd_ssl_port) args.append("-sd_admin_name") args.append(options.sd_admin_name) args.append("-sd_admin_password") args.append(options.sd_admin_password) else: args.append("-clone") args.append("false") print args run(args) |