Bug 485561
| Summary: | pki-silent is broken in dogtag 1.0.0 | ||
|---|---|---|---|
| Product: | [Retired] Dogtag Certificate System | Reporter: | Roman Kisilenko <rkisilenko> |
| Component: | Other | Assignee: | Ade Lee <alee> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 1.0 | CC: | alee, awnuk, benl, cfu, jmagne, tscherf |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-04-02 18:40:14 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 443788 | ||
|
Description
Roman Kisilenko
2009-02-14 13:23:04 UTC
That specific problem has been fixed. Please update from the latest source tree. As of today, the latest version is:
pki-silent-1.0.0-8
You will also need to specify several parameters. Here is an example invocation from a python script. You can easily pick out the parameters here.
args = ["/usr/bin/perl", "/usr/bin/pkisilent", "ConfigureCA",
"-cs_hostname", options.host_name,
"-cs_port", str(secure_port),
"-client_certdb_dir", client_certdb_dir,
"-client_certdb_pwd", options.admin_password,
"-preop_pin" , preop_pin,
"-domain_name", options.domain_name,
"-admin_user", admin_user,
"-admin_email", admin_email,
"-admin_password", options.admin_password,
"-agent_name", agent_name,
"-agent_key_size", str(key_size),
"-agent_key_type", str(key_type),
"-agent_cert_subject", agent_cert_subject + options.domain_name + "\"",
"-ldap_host", options.host_name,
"-ldap_port", str(ldap_port),
"-bind_dn", bind_dn,
"-bind_password", options.dm_password,
"-base_dn", base_dn,
"-db_name", db_name,
"-key_size", str(key_size),
"-key_type", str(key_type),
"-save_p12", "true",
"-backup_pwd", options.admin_password,
"-subsystem_name", pki_instance_name,
"-token_name", token_name,
"-ca_subsystem_cert_subject_name", ca_subsystem_cert_subject_name + options.domain_name + "\"",
"-ca_ocsp_cert_subject_name", ca_ocsp_cert_subject_name + options.domain_name + "\"",
"-ca_server_cert_subject_name", "CN=" + options.host_name + ",O=" + options.domain_name,
"-ca_sign_cert_subject_name", ca_sign_cert_subject_name + options.domain_name + "\"" ]
if (options.external):
args.append("-external")
args.append("true")
args.append("-ext_csr_file")
args.append(ext_csr_file)
if (options.cacertfile):
args.append("-ext_ca_cert_file")
args.append(options.cacertfile)
if (options.cacertchainfile):
args.append("-ext_ca_cert_chain_file")
args.append(options.cacertchainfile)
else:
args.append("-external")
args.append("false")
if (options.clone):
args.append("-clone")
args.append("true")
args.append("-clone_p12_file")
args.append(options.clonefile)
args.append("-clone_p12_password")
args.append(options.clonepasswd)
args.append("-clone_uri")
args.append(options.cloneURI)
args.append("-sd_hostname")
args.append(options.sd_hostname)
args.append("-sd_ssl_port")
args.append(options.sd_ssl_port)
args.append("-sd_admin_name")
args.append(options.sd_admin_name)
args.append("-sd_admin_password")
args.append(options.sd_admin_password)
else:
args.append("-clone")
args.append("false")
print args
run(args)
|