dogtagpki

Clone
Source Code
GIT

#1655 Move serial/request number range configuration into LDAP
Closed: migrated 3 years ago by dmoluguw. Opened 8 years ago by edewata.

Closed: migrated
Reopen Issue

Currently the serial/request number range configuration is stored in CS.cfg:

dbs.beginReplicaNumber=98
dbs.beginRequestNumber=9990001
dbs.beginSerialNumber=fff0001
dbs.enableRandomSerialNumbers=false
dbs.enableSerialManagement=true
dbs.endReplicaNumber=100
dbs.endRequestNumber=10000000
dbs.endSerialNumber=10000000
dbs.ldap=internaldb
dbs.newSchemaEntryAdded=true
dbs.nextBeginRequestNumber=10000001
dbs.nextBeginSerialNumber=10000001
dbs.nextEndRequestNumber=20000000
dbs.nextEndSerialNumber=20000000
dbs.randomSerialNumberCounter=-1
dbs.replicaCloneTransferNumber=5
dbs.replicaDN=ou=replica
dbs.replicaIncrement=100
dbs.replicaLowWaterMark=20
dbs.replicaRangeDN=ou=replica, ou=ranges
dbs.requestCloneTransferNumber=10000
dbs.requestDN=ou=ca, ou=requests
dbs.requestIncrement=10000000
dbs.requestLowWaterMark=2000000
dbs.requestRangeDN=ou=requests, ou=ranges
dbs.serialCloneTransferNumber=10000
dbs.serialDN=ou=certificateRepository, ou=ca
dbs.serialIncrement=10000000
dbs.serialLowWaterMark=2000000
dbs.serialRangeDN=ou=certificateRepository, ou=ranges

Some of these parameters are redundant because they are already stored in LDAP (e.g. endRequestNumber, endSerialNumber, nextEndRequestNumber, nextEndSerialNumber), so they can be removed from CS.cfg.

Ideally most of these parameters can be moved to LDAP as well, leaving only the following parameters in CS.cfg:

dbs.ldap=internaldb
dbs.replicaDN=ou=replica
dbs.replicaRangeDN=ou=replica, ou=ranges
dbs.requestDN=ou=ca, ou=requests
dbs.requestRangeDN=ou=requests, ou=ranges
dbs.serialDN=ou=certificateRepository, ou=ca
dbs.serialRangeDN=ou=certificateRepository, ou=ranges

Per CS/DS Meeting of 10/19/2015: 10.4

Metadata Update from @edewata:
- Issue set to the milestone: UNTRIAGED
7 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2214

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata Update from @dmoluguw:
- Issue close_status updated to: migrated
- Issue status updated to: Closed (was: Open)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
major
None
None
None
defect
None
None
None
None
None
Community
None
None
None
None
None
None
General
10.4
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.