For a CA, the EXAMPLES section contains a 'myconfig.txt' file with the following contents:
[DEFAULT] pki_admin_password=password123 pki_client_pkcs12_password=password123 pki_ds_password=password123
which appears to be missing the required parameter:
pki_security_domain_password=password123
Similarly, for a KRA, OCSP, or TKS, the EXAMPLES section contains a 'myconfig.txt' file with the following contents:
[DEFAULT] pki_admin_password=password123 pki_client_pkcs12_password=password123 pki_ds_password=password123 pki_security_domain_password=password123
pki_client_database_password=password123
Additionally, for a TPS, the EXAMPLES section should contain a 'myconfig.txt' file with the following contents:
[DEFAULT] pki_admin_password=password123 pki_client_database_password=password123 pki_client_pkcs12_password=password123 pki_ds_password=password123 pki_security_domain_password=password123 [TPS] pki_enable_server_side_keygen=True pki_authdb_basedn=dc=example,dc=com
although the 'pki_enable_server_side_keygen=True' is an optional parameter unless the user wants to utilize a KRA for server-side keygen.
This entire section should be reviewed and fixed to make certain that it provides correct EXAMPLES to end users of 'pkispawn'.
[06/04/2014] - Moving to Milestone 10.2.1 due to schedule restrictions.
Proposed Milestone: 10.2.3 (per CS Meeting of 09/17/2014)
man page (complete earlier if possible)
Per Dogtag 10.2.X meeting of 01/14/2015: Milestone 10.2 Backlog
Based on testing, the pki_security_domain_password is not required for CA. For clarity, the [DEFAULT] should be replaced with the actual subsystem to be installed (e.g. [CA]).
The missing pki_client_database_password was already fixed in a44ccf872262b1289cd2577a6ba55071066a5209.
TPS-related information will be added in ticket #1277.
Metadata Update from @mharmsen: - Issue assigned to edewata - Issue set to the milestone: 10.2.6
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1394
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.