Attached please find the patch that addresses:
https://fedorahosted.org/pki/ticket/978 TPS connector man page: add
revocation routing info
thanks,
Christina
>From 79555bd4bfd74a97af8cf8d674f0a7df62a8a98e Mon Sep 17 00:00:00 2001
From: Christina Fu <c...@redhat.com>
Date: Thu, 7 Jul 2016 14:02:18 -0700
Subject: [PATCH] Ticket #978 PS connector man page: add revocation routing
info
---
base/tps/man/man5/pki-tps-connector.5 | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/base/tps/man/man5/pki-tps-connector.5 b/base/tps/man/man5/pki-tps-connector.5
index 6ee009ac15491d5856c0b0d7f2327fb65e6f9cb0..b3e405e82b1f0832eddd797be41b51aa54338e49 100644
--- a/base/tps/man/man5/pki-tps-connector.5
+++ b/base/tps/man/man5/pki-tps-connector.5
@@ -62,12 +62,26 @@ This property contains the maximum number of HTTP connections.
.SS tps.connector.ca<n>.uri.<op>
This property contains the URI to contact CA for the operation <op>.
-Example ops: enrollment, renewal, revoke, unrevoke.
+Example ops: enrollment, renewal, revoke, unrevoke, getcert.
.SS tps.connector.ca<n>.timeout
This property contains the connection timeout.
+.SS tps.connector.connCAList
+
+This property is used for \fIRevocation Routing\fP. It contains a list of ordered ca id's separated by ',' that the revocation attempt should be made to.
+Example:
+tps.connCAList=ca1,ca2
+
+.SS tps.connector.ca<n>.caNickname
+
+This property is used for \fIRevocation Routing\fP. It contains the nickname of the CA signing certificate that represents this ca<n>.
+
+.SS tps.connector.ca<n>.caSKI
+
+This property is used for \fIRevocation Routing\fP . It contains the Subject Key Identifier of the CA signing certificate of this ca<n>. This value is automatically calculated by TPS once and should not need handling by the administrator.
+
.SH KRA CONNECTOR
A KRA connector is defined using properties that begin with tps.connector.kra<n> where
@@ -182,6 +196,13 @@ tps.connector.ca1.uri.enrollment=/ca/ee/ca/profileSubmitSSLClient
tps.connector.ca1.uri.renewal=/ca/ee/ca/profileSubmitSSLClient
tps.connector.ca1.uri.revoke=/ca/ee/subsystem/ca/doRevoke
tps.connector.ca1.uri.unrevoke=/ca/ee/subsystem/ca/doUnrevoke
+# in case of Revocation Routing
+# note that caSKI is automatically calculated by TPS
+tps.connCAList=ca1,ca2
+tps.connector.ca1.caNickname=caSigningCert cert-pki-tomcat CA
+tps.connector.ca1.caSKI=hAzNarQMlzit4BymAlbduZMwVCc
+# ca2 connector in case of Revocation Routing
+tps.connector.ca2.<etc.>
tps.connector.kra1.enable=true
tps.connector.kra1.host=server.example.com
--
2.4.3
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel