Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
PKI config template and preliminary HSM support #2307
This patchset changes CA and KRA installer to be more flexible and easier to understand. The CA and KRA installer no longer create an ini file completely from scratch.
The new approach allows users to customize several aspects of Dogtag without requiring us to add new arguments to all installers.
The patch set also addresses some aspects for HSMs and adds a simple test case for softhsm2.
@tiran nice work mate. I've read all your changes. Some comments inline (nothing major, and some bike-shedding I confess). I'll test tomorrow, and start investigating the sslserver using wrong token bug (https://pagure.io/dogtagpki/issue/3093), which you blame for the test failure.
@rcritten in relation to your comment, I would not worry about it. We usually preserve backwards compat when we make changes to installation knobs, for a few releases at least.
@tiran thanks for the updates. Should we also document the
(edit) also, I wonder if it is possible in the
(edit 2) also the