Change in ovirt-engine[master]: pki: scripts rework
oschreib at redhat.com
oschreib at redhat.com
Wed Jun 12 13:37:31 UTC 2013
Ofer Schreiber has submitted this change and it was merged.
Change subject: pki: scripts rework
......................................................................
pki: scripts rework
there is a need to reuse some of the logic post installation. split
scripts, fixup shell usage, add error handling, named parameters and
more.
move scripts to engine bin directory, /etc is no place for executables.
yet there is a long way to go to cleanup the pki module.
Usage: pki-create-ca.sh [OPTIONS]
Create certificate authority.
--subject=subject X.500 subject name.
--keystore-password=password Password for keystore.
Usage: pki-enroll-pkcs12.sh [OPTIONS]
Generate key, enroll certificate, store in PKCS#12 format.
Result will be at /etc/pki/ovirt-engine/keys/PREFIX.p12
--name=prefix file name without prefix.
--password=password password of PKCS#12.
--subject=subject X.500 subject name.
--keep-key reissue certificate based on previous request.
Usage: pki-enroll-request.sh [OPTIONS]
Sign certificate request.
Certificate request should be put at: /etc/pki/ovirt-engine/requests/PREFIX.req
Certificate will be available at: /etc/pki/ovirt-engine/certs/PREFIX.cer
--name=prefix file name.
--subject=subject X.500 subject name.
--days=n issue days.
--timeout=n lock timeout, default=20
Change-Id: I8f3a8ae1fb061532cdafd5bc7961c5178d7948a0
Signed-off-by: Alon Bar-Lev <alonbl at redhat.com>
---
M .gitignore
M Makefile
M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/VdsDeploy.java
M backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/hostinstall/OpenSslCAWrapper.java
M ovirt-engine.spec.in
A packaging/bin/pki-common.sh.in
A packaging/bin/pki-create-ca.sh
A packaging/bin/pki-enroll-pkcs12.sh
A packaging/bin/pki-enroll-request.sh
D packaging/etc/pki/CreateCA.sh
D packaging/etc/pki/SignReq.lock
D packaging/etc/pki/SignReq.sh
M packaging/etc/pki/cacert.template.in
M packaging/etc/pki/cert.template.in
D packaging/etc/pki/certs/.keep
D packaging/etc/pki/installCA.sh
D packaging/etc/pki/keys/.keep
D packaging/etc/pki/private/.keep
D packaging/etc/pki/requests/.keep
M packaging/fedora/setup/basedefs.py
M packaging/fedora/setup/engine-setup.py
M packaging/setup/ovirt_engine_setup/constants.py
M packaging/setup/plugins/ovirt-engine-setup/pki/ca.py
23 files changed, 460 insertions(+), 312 deletions(-)
Approvals:
Ofer Schreiber: Verified; Looks good to me, approved
--
To view, visit http://gerrit.ovirt.org/15499
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I8f3a8ae1fb061532cdafd5bc7961c5178d7948a0
Gerrit-PatchSet: 7
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <alonbl at redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl at redhat.com>
Gerrit-Reviewer: Barak Azulay <bazulay at redhat.com>
Gerrit-Reviewer: Ofer Schreiber <oschreib at redhat.com>
Gerrit-Reviewer: Sandro Bonazzola <sbonazzo at redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzaslavs at redhat.com>
Gerrit-Reviewer: oVirt Jenkins CI Server
More information about the Engine-commits
mailing list