Attached please find the patch that addresses:
https://fedorahosted.org/pki/ticket/978 TPS connector man page: add revocation routing info

thanks,
Christina
>From 79555bd4bfd74a97af8cf8d674f0a7df62a8a98e Mon Sep 17 00:00:00 2001
From: Christina Fu <c...@redhat.com>
Date: Thu, 7 Jul 2016 14:02:18 -0700
Subject: [PATCH] Ticket #978 PS connector man page: add revocation routing
 info

---
 base/tps/man/man5/pki-tps-connector.5 | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/base/tps/man/man5/pki-tps-connector.5 b/base/tps/man/man5/pki-tps-connector.5
index 6ee009ac15491d5856c0b0d7f2327fb65e6f9cb0..b3e405e82b1f0832eddd797be41b51aa54338e49 100644
--- a/base/tps/man/man5/pki-tps-connector.5
+++ b/base/tps/man/man5/pki-tps-connector.5
@@ -62,12 +62,26 @@ This property contains the maximum number of HTTP connections.
 .SS tps.connector.ca<n>.uri.<op>
 
 This property contains the URI to contact CA for the operation <op>.
-Example ops: enrollment, renewal, revoke, unrevoke.
+Example ops: enrollment, renewal, revoke, unrevoke, getcert.
 
 .SS tps.connector.ca<n>.timeout
 
 This property contains the connection timeout.
 
+.SS tps.connector.connCAList
+
+This property is used for \fIRevocation Routing\fP. It contains a list of ordered ca id's separated by ',' that the revocation attempt should be made to.
+Example:
+tps.connCAList=ca1,ca2
+
+.SS tps.connector.ca<n>.caNickname
+
+This property is used for \fIRevocation Routing\fP.  It contains the nickname of the CA signing certificate that represents this ca<n>.
+
+.SS tps.connector.ca<n>.caSKI
+
+This property is used for \fIRevocation Routing\fP . It contains the Subject Key Identifier of the CA signing certificate of this ca<n>. This value is automatically calculated by TPS once and should not need handling by the administrator.
+
 .SH KRA CONNECTOR
 
 A KRA connector is defined using properties that begin with tps.connector.kra<n> where
@@ -182,6 +196,13 @@ tps.connector.ca1.uri.enrollment=/ca/ee/ca/profileSubmitSSLClient
 tps.connector.ca1.uri.renewal=/ca/ee/ca/profileSubmitSSLClient
 tps.connector.ca1.uri.revoke=/ca/ee/subsystem/ca/doRevoke
 tps.connector.ca1.uri.unrevoke=/ca/ee/subsystem/ca/doUnrevoke
+# in case of Revocation Routing
+# note that caSKI is automatically calculated by TPS
+tps.connCAList=ca1,ca2
+tps.connector.ca1.caNickname=caSigningCert cert-pki-tomcat CA
+tps.connector.ca1.caSKI=hAzNarQMlzit4BymAlbduZMwVCc
+# ca2 connector in case of Revocation Routing
+tps.connector.ca2.<etc.>
 
 tps.connector.kra1.enable=true
 tps.connector.kra1.host=server.example.com
-- 
2.4.3

_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

Reply via email to