The TPS's CS.cfg and token-states.properties have been updated to include instructions to customize token state transitions and labels.
https://fedorahosted.org/pki/ticket/2300 -- Endi S. Dewata
>From c5918be7301801be780079ea97caffab3b93bdb4 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <[email protected]> Date: Wed, 15 Jun 2016 07:18:47 +0200 Subject: [PATCH] Updated instructions to customize TPS token lifecycle. The TPS's CS.cfg and token-states.properties have been updated to include instructions to customize token state transitions and labels. https://fedorahosted.org/pki/ticket/2300 --- base/tps-client/doc/CS.cfg | 14 ++++++++------ base/tps/shared/conf/CS.cfg | 14 ++++++++------ base/tps/shared/conf/token-states.properties | 10 ++++++++++ 3 files changed, 26 insertions(+), 12 deletions(-) diff --git a/base/tps-client/doc/CS.cfg b/base/tps-client/doc/CS.cfg index 6903a4bd541ad7a31339ca3ad9cec61856114f53..db9452a61d22ed849b439f147d7744a397980e80 100644 --- a/base/tps-client/doc/CS.cfg +++ b/base/tps-client/doc/CS.cfg @@ -1489,9 +1489,10 @@ tokendb._071=# SUSPENDED = 3, tokendb._072=# ACTIVE = 4, tokendb._073=# TERMINATED = 6, tokendb._074=# UNFORMATTED = 7 -tokendb._075=# Note: Default transitions can be removed from the list if necessary. -tokendb._076=# Do not add other transitions since they may not be supported. -tokendb._077=######################################### +tokendb._075=# Note: Transitions can be removed from the list if necessary. +tokendb._076=# Do not add new transitions unless they were originally in the list. +tokendb._077=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg. +tokendb._078=######################################### tokendb.auditLog=[PKI_INSTANCE_PATH]/logs/tokendb-audit.log tokendb.hostport=[TOKENDB_HOST]:[TOKENDB_PORT] tokendb.ssl=false @@ -1597,9 +1598,10 @@ tps._009=# - token operations, like formatting and enrollment have transitions tps._010=# FORMATTED = 0, tps._011=# ACTIVE = 4, tps._012=# UNFORMATTED = 7 -tps._013=# Note: Default transitions can be removed from the list if necessary. -tps._014=# Do not add other transitions since they may not be supported. -tps._015=######################################## +tps._013=# Note: Transitions can be removed from the list if necessary. +tps._014=# Do not add new transitions unless they were originally in the list. +tps._015=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg. +tps._016=######################################## tps.operations.allowedTransitions=0:0,0:4,4:4,4:0,7:0 tps.cert.list=sslserver,subsystem,audit_signing tps.cert.sslserver.nickname=[HSM_LABEL][NICKNAME] diff --git a/base/tps/shared/conf/CS.cfg b/base/tps/shared/conf/CS.cfg index 90d1747dd4617b097e11207f8c10e0bbd8c5ccee..70a83308ff2ba0f294b5cf445e018344a29cb97a 100644 --- a/base/tps/shared/conf/CS.cfg +++ b/base/tps/shared/conf/CS.cfg @@ -1971,9 +1971,10 @@ tokendb._071=# SUSPENDED = 3, tokendb._072=# ACTIVE = 4, tokendb._073=# TERMINATED = 6, tokendb._074=# UNFORMATTED = 7 -tokendb._075=# Note: Default transitions can be removed from the list if necessary. -tokendb._076=# Do not add other transitions since they may not be supported. -tokendb._077=######################################### +tokendb._075=# Note: Transitions can be removed from the list if necessary. +tokendb._076=# Do not add new transitions unless they were originally in the list. +tokendb._077=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg. +tokendb._078=######################################### tokendb.activityBaseDN=ou=Activities,[TOKENDB_ROOT] tokendb.addConfigTemplate=addConfig.template tokendb.addResultTemplate=addResults.template @@ -2038,9 +2039,10 @@ tps._009=# - token operations, like formatting and enrollment have transitions tps._010=# FORMATTED = 0, tps._011=# ACTIVE = 4, tps._012=# UNFORMATTED = 7 -tps._013=# Note: Default transitions can be removed from the list if necessary. -tps._014=# Do not add other transitions since they may not be supported. -tps._015=######################################## +tps._013=# Note: Transitions can be removed from the list if necessary. +tps._014=# Do not add new transitions unless they were originally in the list. +tps._015=# See the original transition list in /usr/share/pki/tps/conf/CS.cfg. +tps._016=######################################## tps.cert.audit_signing.certusage=ObjectSigner tps.cert.audit_signing.nickname=[HSM_LABEL][NICKNAME] tps.cert.list=sslserver,subsystem,audit_signing diff --git a/base/tps/shared/conf/token-states.properties b/base/tps/shared/conf/token-states.properties index 4c972f3b107d7d573a8ea0ac952ddda02f585372..99ade3d7722f33945a0f81ef1455cfb3817a8c1f 100644 --- a/base/tps/shared/conf/token-states.properties +++ b/base/tps/shared/conf/token-states.properties @@ -1,3 +1,13 @@ +# To customize the state and transition labels, copy this file into +# /var/lib/pki/<instance>/tps/conf then change the labels as needed. +# Do not define new states or transitions since they will not be +# supported. +# +# To customize the transitions, edit the following properties in +# /var/lib/pki/<instance>/tps/conf/CS.cfg: +# - tokendb.allowedTransitions +# - tps.operations.allowedTransitions + # Token states UNFORMATTED = Unformatted FORMATTED = Formatted (uninitialized) -- 2.5.5
_______________________________________________ Pki-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/pki-devel
