[Bug 1813919] Re: Incorrect trust flags in NSSDB when renewing subsystem certificates

** Description changed: OS: ubuntu 18.04 Dogtag: 10.6.0 When renewing subsystem certificates in dogtag (by following the process described here: https://www.dogtagpki.org/wiki/System_Certificate_Renewal), OCSP will break due to incorrect trust flags in NSS. The certificate IDs

[Bug 1813919] [NEW] Incorrect trust flags in NSSDB when renewing subsystem certificates

Public bug reported: OS: ubuntu 18.04 Dogtag: 10.6.0 When renewing subsystem certificates in dogtag (by following the process described here: https://www.dogtagpki.org/wiki/System_Certificate_Renewal), OCSP will break due to incorrect trust flags in NSS. The certificate IDs are: 'ocsp_signing'

[Bug 1813916] [NEW] incorrect classpath in pki/cli/main.py

Public bug reported: Ubuntu 18.04 Running the 'pki' command will fail when python executes java. The cmd array on line 101 in pki/cli/main.py has an incorrect classpath. Instead of '-Djava.ext.dirs=' + pki_lib, it needs to be: '-Djava.ext.dirs=' + pki_lib + ':/usr/share/java', ** Affects: