Ignore:
Timestamp:
12/02/07 17:18:25 (13 years ago)
Author:
pjkersha
Message:

python/ndg.security.server/ndg/security/server/ca/server-config.tac:

  • added check to ensure CA pass-phrase is set and if not prompt for from command line.
  • do a get call for 'clntCertFile' dict key so that it can be optional

python/ndg.security.server/ndg/security/server/ca/init.py:

  • use $HOME/.globus/simpleCA/grid-ca-ssl.conf as the default SSL config file
  • key access methods raise KeyError? on exception
  • PassPhrase? -> passphrase

python/ndg.security.server/ndg/security/server/MyProxy.py:

  • certReqDNParam attribute is no longer needed - use openSSLConfig.reqDN instead.

python/conf/simpleCAProperties.xml,
python/ndg.security.test/ndg/security/test/ca/simpleCAProperties.xml:
explanation about default openSSLConfigFilePath setting

python/ndg.security.common/ndg/security/common/wsSecurity.py: check X.509 cert text
on 64th char for newline not 65th.

python/ndg.security.common/ndg/security/common/openssl.py: fix to error reading file
exception message.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/ca/simpleCAProperties.xml

    r2146 r2148  
    1616    <clntCertFile></clntCertFile>     
    1717        <!--  
    18         OpenSSL configuration file for Certificate Request settings - not 
    19         required if cert request is passed into sign method 
     18        OpenSSL configuration file - omit to use globus default 
     19        $HOME/.globus/simpleCA/grid-ca-ssl.conf 
    2020        --> 
    21     <openSSLConfigFilePath>$GRID_SECURITY_DIR/globus-user-ssl.conf</> 
    22     <certLifetimeDays>365<certLifetimeDays/> 
     21    <openSSLConfigFilePath> 
     22    $GRID_SECURITY_DIR/globus-user-ssl.conf 
     23    </openSSLConfigFilePath> 
     24    <certLifetimeDays>365</certLifetimeDays> 
    2325    <!-- 
    2426    <certExpiryDate/> 
    2527    --> 
    2628    <!-- Directory for temporary files generated during processing --> 
    27     <certTmpDir>/tmp<certTmpDir/> 
     29    <certTmpDir>/tmp</certTmpDir> 
    2830    <!-- Executable for checking the CA pass-phrase set --> 
    29     <chkCAPassPhraseExe>openssl</chkCAPassPhraseExe> 
     31    <chkCAPassphraseExe>openssl</chkCAPassphraseExe> 
    3032    <!-- Executable for signing certificate request --> 
    31     <signExe>grid-ca-sign<signExe/> 
     33    <signExe>grid-ca-sign</signExe> 
    3234    <!-- Set ':' paths for executables  
    3335    /usr/bin and /bin are required by grep and ? used in grid-ca-sign script  
    3436    --> 
    35     <path>$GLOBUS_LOCATION/bin:/usr/bin:/bin<path/> 
     37    <path>$GLOBUS_LOCATION/bin:/usr/bin:/bin</path> 
    3638</simpleCAProp> 
Note: See TracChangeset for help on using the changeset viewer.