[Engine-patches] Change in ovirt-engine[master]: pki: process template files not in-place

Thu, 31 Jan 2013 00:11:04 -0800 

Alon Bar-Lev has posted comments on this change.

Change subject: pki: process template files not in-place
......................................................................


Patch Set 1: (4 inline comments)

....................................................
File backend/manager/conf/ca/cert.template.in
Line 12: [ req_attributes ]
Line 13: 
Line 14: [ v3_ca ]
Line 15: subjectKeyIdentifier=hash
Line 16: authorityInfoAccess = caIssuers;URI:@AIA@
AIA is well known abbreviation for this field.
Line 17: authorityKeyIdentifier=keyid:always,issuer:always
Line 18: basicConstraints = CA:false
Line 19: keyUsage=critical,digitalSignature,keyEncipherment
Line 20: extendedKeyUsage=critical,serverAuth,clientAuth


....................................................
File packaging/fedora/setup/engine-setup.py
Line 919
Line 920
Line 921
Line 922
Line 923
Will move to processTemplate.


Line 926:             {
Line 927:                 '@AIA@': 'http://%s:%s/ca.crt' % (
Line 928:                     controller.CONF["HOST_FQDN"],
Line 929:                     controller.CONF["HTTP_PORT"],
Line 930:                 )
I really think this is clear... but OK.
Line 931:             }
Line 932:         )
Line 933: 
Line 934: def getFirewalls():


....................................................
File packaging/fedora/spec/ovirt-engine.spec.in
Line 680: 
Line 681: # PKI configuration files:
Line 682: %config(noreplace) %{engine_pki}/openssl.conf
Line 683: %config(noreplace) %{engine_pki}/cacert.template.in
Line 684: %config(noreplace) %{engine_pki}/cert.template.in
Yes, as far as I understand user may change these to suite their environment, 
before enrolling certificate.
Line 685: 
Line 686: # The certificate database files:
Line 687: %config(noreplace) %attr(-, %{engine_user}, %{engine_group}) 
%{engine_pki}/database.txt
Line 688: %config(noreplace) %attr(-, %{engine_user}, %{engine_group}) 
%{engine_pki}/serial.txt


--
To view, visit http://gerrit.ovirt.org/11577
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Iaba7b66633eb92b0b6602fb17218d5e844256dd3
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Alex Lourie <alou...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to