pki-ca-10.2.6-12.fc22$>Qn+pnR|>8?d   C          8 > HNN N N N fN ihNnNu&N{{N 0  ( 89:GsNHxNI}NX@YD\TN]N^bdefltNuNvL wlNxNCpki-ca10.2.612.fc22Certificate System - Certificate AuthorityThe Certificate Authority (CA) is a required PKI subsystem which issues, renews, revokes, and publishes certificates as well as compiling and publishing Certificate Revocation Lists (CRLs). The Certificate Authority can be configured as a self-signing Certificate Authority, where it is the root CA, or it can act as a subordinate CA, where it obtains its own signing certificate from a public CA. This package is one of the top-level java-based Tomcat PKI subsystems provided by the PKI Core used by the Certificate System. ================================== || ABOUT "CERTIFICATE SYSTEM" || ================================== Certificate System (CS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. PKI Core contains ALL top-level java-based Tomcat PKI components: * pki-symkey * pki-base * pki-tools * pki-server * pki-ca * pki-kra * pki-ocsp * pki-tks * pki-tps * pki-javadoc which comprise the following corresponding PKI subsystems: * Certificate Authority (CA) * Data Recovery Manager (DRM) * Online Certificate Status Protocol (OCSP) Manager * Token Key Service (TKS) * Token Processing Service (TPS) For deployment purposes, PKI Core contains fundamental packages required by BOTH native-based Apache AND java-based Tomcat Certificate System instances consisting of the following components: * pki-tools Additionally, PKI Core contains the following fundamental packages required ONLY by ALL java-based Tomcat Certificate System instances: * pki-symkey * pki-base * pki-tools * pki-server PKI Core also includes the following components: * pki-javadoc Finally, if Certificate System is being deployed as an individual or set of standalone rather than embedded server(s)/service(s), it is strongly recommended (though not explicitly required) to include at least one PKI Theme package: * dogtag-pki-theme (Dogtag Certificate System deployments) * dogtag-pki-server-theme * redhat-pki-server-theme (Red Hat Certificate System deployments) * redhat-pki-server-theme * customized pki theme (Customized Certificate System deployments) * -pki-server-theme NOTE: As a convenience for standalone deployments, top-level meta packages may be provided which bind a particular theme to these certificate server packages.Varm04-builder11.arm.fedoraproject.org$Fedora ProjectFedora ProjectGPLv2Fedora ProjectSystem Environment/Daemonshttp://pki.fedoraproject.org/linuxnoarch=m:/t/"Jmb!6  aS8S }F}F+. g%~~[G7(b)mPb,j,D6R?w>kP@j% *S*L$,kI,A,:+A+3xu#%##"v3 D!_59/]  r>k D *z/.q'4r'M r[z_aX[c]fV  ~ } ~ } } } } | } s w)9)n>4B$H l:P<<>s &$9Qz]Nx t zg3;6 /BCEB%e !X[Bf)Ob  > QF yp_,k-H> q+Tq<`Ar q!,$6o6jPx]A큤AA큤AA큤A큤AA큤A큤AAA큤A큤AAA큤A큤A큤A큤A큤A큤A큤A큤VUVyVVVVVUUUUUUUUUUUUUVzUUUUUUUUUUUUUUUUUUUUUUUUVUUUUUUUUUUUUUUUUUUUUUUUUVVVzUVzUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUVUVVVUUVUUUVVVVVVVVVUUVUVUUUUUUUVUUVUUUUUUUVUUUUUUUUUUUUUUUVzVzUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUVzUUUUUUUUUUUUUUUUUUUUUVUUUUUUUVUUUUUUUUUUUUUUUUUUUUUUUUUVzUUUUUUUUUUVzVzUVzUUUVUUUUVUUUUUUUVzUUUUUUUUUUUUUUUUUVzd6bf5823021651d1cb53350adcf4bb818ac77768f5cbc43898ad06af1036b00e5de041e985123e4b041adae813935a5f588d49caa680c6501c2f7b9ef498f040a7a6c5177693b01c0ef450bb17d87a0353ba93dd2cd6d4d19f2161eacf01a0000c582ecd379d442745e4dc6ecdb90cddabb88b8105da6d2a3afcaf947850c0fc510d8b5eb3eb683ce4bff43b02515ef359fff8b5e322b811644d6d4f766ff94ed752e2c4d94eae21f21733f7c29edd4b68aa9ab66cbc488b8e72e222ed005240277ddc6b757beded687ee507fa73f615948fb989dc96194133294d398c31c28ecadccd1651bce737b0b440853001e33a08604fdfb2c619b50e70569c13d45607400b2c58282cc5958a930f3b3c7c0379fb101fcf612156c27ee2dd8ac254248d5a1829bf1b3c216ae4c9d4ee066772bc7f5afca577935c229d9bfdf80d75cb7dfda6ed2899eec8cd13343bd0acb4fd58d8e2e52d80a8158000559f2051e7faeabe8c77ce6524f8ba353420fbc0d2671fe4a708fe24b1cb3d69d68e9b551bbdd0e5007779fca32384e3d66b229c7e3f57257c0d44489543a11c69ebf559806c8c62daa03d882b0b0026d2c8aacfb4cd040899e1e68b230e66e69975f6d76180c6ead500b0c90a7da7bbb8602f999170020f81dcfa03d16a4a4d9caf259911676496ee4771ad578d8c320d7a6b74cf1e08b16fe4c3c80970ca93fdb27d45f99b232fd34bd48708f42358f9e4f81b3c37e0bfec93bc75bc7cb885405bab6f21f02a27ed767345475519c0b68cc96bd20f23cb2045c3829dcc72c67a4f1a133a7d155ec67643ebfdcec431c7d61966510fefc3e691ff14a09438257c5c23fe66d54bb14050386b6df46fef8e6214e41579d09c780d19d242741f29c2809ef973cefeb760a2dee6aef9a244f84690b0e80d22f419f277d615a90b129483aa669128f68c20c6a9881beb5076c205b18c5872880ba55b11e3d30337994d569a1505cd972024c52fe492fc10e9af7a7f3dc2f08daed6d3f5bc13ce0c8bdda30b85f0c69adf5210ee5b96c150ad8fe84a66e4c7c9121e5e1492e099bb25a0709192fb3b37767d3c20dc56e7c6f0ba342130b0160dd473330845cc80f17f5ea872d0fd503170133d3a61be873aedbc8e22682a05646fe9ab6b9192c8152df90cef92c78a19d37b0ad740db9a30932ac53203a46c4e4fa701f891d74fc185fcb8989f45d28cbcace48ed94b1a6cf7171f5ebe150102c2cde343df5b89acab2c2a6c29b9a04d448b089c45226bb2cf6dad3cdf581c3af18a90d6b911ccb66c7b2179a7a75fd1b64447c38772c25e2dc7560c668d93a517e4b8362084a311fa08966d000c1f06bca75eac7d894fd5cd1ea75a0ed89170c0d4d1580016ef8436ecf4e619543752303a3f673928e2839845976001deaec22af953bacd3b72fe5c49443a185a898cc277158a57cc5a4c98ccea71bd7c900bd2a8b69b1037c6dcd9464d8ee280753926d1e3ccc9375d6256e77b91817081f349ed0b5115ce58d43c2720c3473e5e4475b616597e5ca45e6e816149748a4c7fd6443ed8c585e675afec1f5317959ac93f9de3ac67f7ec677ec54d3e5cda612b21511aefd19e338c7f06a05c29006d6b0ad77ea756fee60f470c24f10e3a47ec403e8120a4ef0ab957cd292fda6905e6e1f16dfc4891efbc5f8b12d38381041f75aeef95dda09a3c728bac964a8660a1bdde4c0aefb36f1162726bb551a958e9ff0de0333133702e0312e1bbe8c64c60f940b149f3278ebe2f7040e9224cb5d49ad2e896b807877864ae209975fdba39fe55d9dabe5730b830109f5d6bad9227eea0387e9b425cbdf52e9aecb5044ddf44ec05cd32ac643ab96fbbac60177722f9b65e9e88234e89c434a691e079069d37b318051ba08e5401817cf220661cea7c9468dd5bf0c862f246b1d80f21c7a69acf0b3197a11d03adcc3a6bb604040047d335ffa81c8f548aa273a4d3cd67272590ff8bdf5c4ce6641c36030342b5a32395173e93bde51a9085c5df4d300bd66a4eaea68a3aeaa6f2afb66d32d060f4b66364eb137323057b41e15317cadeac4d6d5acb20866e54fee85799bcd373e3e1730fca6964bccf10e8013d3a17e47f96dbedbe367692626e7e482a595b66f3d8d166cf030208d11fe66ab03a23c2932ba6e2290c7c90da1fa7a23214b457d24fb03da037cdb5760e7a8d0cc402d5062ce39edcbc0f3951007855b1ed95d532e0d4ad8e3d9067a9ce3338346fc111b62ba6e2290c7c90da1fa7a23214b457d24fb03da037cdb5760e7a8d0cc402d5062ce39edcbc0f3951007855b1ed95d532e0d4ad8e3d9067a9ce3338346fc111b6b14b9f7733adbd8910b925566c7031f9ef5d4047f50445ada7a0120693e441254ceb0cc6142fd93688a16af692f0ea833fccab83ff002b27becc311ae4c26c91b3e83dd6fd1336b0e2e1a1826f21a57a176e053a043aa8c0c6f2321dbbaa6f144ceb0cc6142fd93688a16af692f0ea833fccab83ff002b27becc311ae4c26c91369297a91044bae9d61a8f61046e54fa9059a66f2c5c4bcbca9fa651f4c5e605ceadedbe484214d4af828832b12d046b1c3fabd6dd2c6e92edbd7c299c963a01a6e93e3ebfd7fd88da8c1b24ea4476e495b9ecae27c557ab8c7ecc8914601f8fa66fcdca8b12389353b0dcc4d49ab89737b638a4156e04ae83b7fd7ed195da17e97415f495943ae49ce5674e09006caf13a8afd978884edc44157639fcef3a6e5dd07496ebe2d7f236624fe4ff9ea4654e533cd6f136e276f185bc4ee75cc6a63208f569c98c16c37c2fb2e287b55027ecaf16ea80449fed310725854dd848504358d4fe7948b0d5cf868fe9304a7c564127640a6e2aeac5c3a536beb0f30fba963740e1b6bd2aff4d69dac938811dbdb5d5a49c12b1eae220c314482006e9b16f73d98598720631600d9968de72d1550ff500462b9da57abb117432c7c2e824dfd602c67136a59e64f6e463f78538691537a4d855d1034cf133218defd3a3c27b5263b640c4317d2ad295a3825daa259ce88b58313de8a55b03ca0fa8b8834dbf498a0033133d3db4f5fc11dd1176ede93866fcbae0768ad48dd6efa6c12b6c13dfe32cbaf6a722527147fbc65c9bb74983e5b5fd407b6aaa4d6ead305a3cf31b5044cda22e0d0e0fa8eb89bb703e68306d89fbfbb9f280780709b58ed6304caca2f9d7e9faad6d97528478c54bde1fc605ef25d0dd67db008e496411bddcc753d43ef8ca36086c8217ec0f600d25cba699565fc156a366be583f9ac46ef731df45a268c92322c7531db22bbbc58f428499fc4eb7bbcde80e968a980854314bef4e7b681576fe8c481641452ef66d279a8d24e0b691617d1aa099a47f32e94e24819425d088599d31c38f93071a8f888325055d9fd241c86a3a158a7d4ec5d4cf2249f7aa08045c7fd1b53c41112a23e4205d3a1a6b154192d1c3eb0f442a3953834b65d808a99515bedf7a4121ddbca86e67009e9cd89ef3109dc258d7bb3f5a4e516ec2c094a1fe12cac1000af5bc09d11f57a42ceb009c0ae0e161c9a536ea35cd0ca0d0200eb1e3f8b15c25f340c0da87fd0af795bc082fff63bde5ca7e84797df558e8c9ee9bef4c634b35389926b0857ebfe9a042532ef7e6fa15087b37e3434e53bee1206e740d0208bc6a98a53664d7866fd2415ff41b250d250052c15b4dca47fe0abc935826d6674354b2a9eb81594a489bc018784ed1ff576a6adfb7a88e34cd600866895abc79427621f9c4fdbb722f78bdeb99d86210f5ebb8579195012cc8e8dfb10bc343d7d8ddae5a19fc5ca5bbd3817ed63275689805cdfcb4033619b2d524a72a11215324ccc2f13916ae137ff195a844d484e1bc606f51daf7edd998615082846bcd693565beacfdb00f29cf9c6cacd38cefd3271c592cec4428ab3c118b6f0e4eaf437287cff742075e030af9bc7a06d7e4b70408ade4fe04e914e056085f6b9c2f54e7ad5971795ac27d7b7630b52b23fd20a4a0f194e44a2b7d9fad738911e16436b9413f404a7dac20c0a0ea7eccbcd2288d6d07ac60b5e837a32cb17b703ad850c3acea9b2d2b0271d1c2d588bc98b71312db4d1cd14841688893625d65368a0f97cd71765ce65c0a35e1235efbfa4ca770104cc3d1fcdcc592abe256d491e4312cad42852759a247f3feb6286ddf19ba194bd3069d6b7456f1a7305335ec03066f3ea46f1d707a59830dd326fb2f2135f6879854f2c89542fc7b8fa620a675df35c77830192df938b2c3b957d39ca26f0b4326f700ae5531a219f19e971d884a99c61b934cbf931a270fd995c50aae12ab135970be022f66c8e397e78d28a5ac6785fb0bb0d191988862f4343ee43ae949b43ad40aff77d4363f769a86297b917a143a7149995384559ea3dcbfcd111dfa1ec22b9c574da447f772ababc6cc0bd8bdf2f1e03871ab2f1cc65774be76d2fd99c0ab8b9b766ce0c9c4b86af31e9174aaac6ab8c2a17c9479fd3906eb8b524acd0877812bfb2b4fe5c7fc72561124c0c344004f90ecda6e79c3150be202858fc5ee99ffcff251bac5ce33e8319ce83dd0bb7d21aeb387e17803d3e8db9ae1018fee07666c66b5fb673672804c6d2bd6e9a0be680e93dd22d27f16e531cd74e4856939a4f45090d882a38f0560b4bc97edfe3596920f7ddf05f350c069a0b1d17badab8536c8e2af9fc501c29980527bc1a9d043e2a9e648c0e651ce3976d9b67127704d4ac6677298fa518c62e470ef3c5b4686a2e0179a2d80b505ef43e6ff913f29b7674caa7e72d7daec3e4a4fcd0599617306448573a8675220de6773bd93bf19bc178a0638383f1821b3bbc0e16fa4190bd5c2c071c4764647d502c00392a8112ff4f210054a6054984c3a7bd25be3d41744abdc2ddd9b3191783d460dd792439ca7f920cb7781404a4e41afaed4c27eb4788b4c3560fe15098927b159c3e26fa0212e2996d1e54db9a388eb07c1e94be78beceaa6ff0d36e3d5162f7dab7ad023de47293cb877ab808de670f28d2bd6499dbb2d357d43afc7cd23d86b4bdf3aa6974895bdc3bb4a3908363d61c0de2c934c1d47ea19483de74591876aab55f72cf4dfe9c88969bbd762c45a42b91b1396ad011b51fd338882a6ab602315cb7bff682ca2f5a26424d7ab5ce178c5b9e9a25d855ffc52e1b5dbc957142da46ab2e7ed49d41f75099bbb3998283617c5f590304ec64602cfb558ee28a6627008f27dd6e39d2940ed9ca211b2e9933622b08eb4dc4ae264f33952affdb1a2230e2ae72a904bc8e884cdc3e881037753f8918497e4ba574e2ff864e763a606fec3c2c42d5dafe7ee2df815e74f2bf84431f262525b45dbdbac0117eb16da3dbe25589ba27fdb16be3f624c580af8dd2e8136bef1bcf4019b9e820f9fee1ca9617d50442f0230e092659a6c6a79288ca26af63726d962040001e43b0207ecedbeb960c4be1111763c86b7ce007974c0be00a578fccec82f156138a7fa83121ef2d49e92191e2fd011783172788ea610f8548b1b8af0b3837126b0bcb451c4ecdd173e34f76b6fff3c534796a3b6bf6554cb02912b4e9cf242ac32308dbb188fc9fafe8e98d26730ff60f728d0e080cf63e44ec0bc72932c375894c729bda2b364a1272612c2005dcad021f513cc99590d3eddcbd0943208feb340699371199f997cf783a220f9ebf0c577f5211d831d28470392d0197189f131ca1a02c4ed8f581a28c74a22d4620b630e4d0f7b7de4e272dc7800c81eb7a195e2bc99471c8506ed45ebf578c49308c1e1b7e5968bc53ea08d21e293dc380d3d1c723475bd0cb60bfd9349c5452f0a648b172aadca29f5139d09823ee3a226758346c7c6308c2ed2a3f1dc88f8cc2e6060172097715954ec0ec652be99031c4992cd6f36eee6c9112f6553a6309e9e1b3363327a139d9701f7ebab8e6fb8d9bb3173d094a42daf159a229f9453b1a59f1d9745792e11756f8bade632479f283837a0631512f8e5bc9fe009aaee4c7204d5bf816b5ab96d2e9a73eff58bdfcc9e17f431fa486e5f0c25e6dc10a4988938955067f0da2b071600e2833c45e72805baefdaae7771d02c34fddd827bb3787c29c693ed2f29de843f057fc12f3a2ad9283008b04d7ec4f2dedc9da63421448684d6f7544a10a369578669042e231c16c29f6db86d6a4ccdfdc61d432215904ff460920f2842a73f0ac1bbaedb9cabbedf1ab16d83f727a104b07d590b7b0213ccba125c2416fc1ca98abf3cf4de5a66ff1aa8741dc4ed167186e454bf11475fb89e70283aebd7d3b913baa865e57d465418ac32295631ab9902c09334fc549604ff49152c6ab93e45b2d09989ed85c9e8de26953bdf3a4b905568083acb840a78085c4498d0acd4192ce83f44b9b6b564b15a09f03d05a8d02db6cb76bcd489336dd46456a450d413b08feca1af3b08cf97a67f641accec072bbc0374bfe46b421a3b330bc10214a4e39ad6311bbc113636d65008ffd9b3e8b9598e4ab4c3efc31cd6df27e75975bc3e822a437e799e5bd7b07cc37e535072a34ead2fe7b1b1e940905b004f4106f515f19224af74b2b22efcdc9e14de579b7308c382076527ac8af0ef8c8d83d60b8fb0f7fb94896845164115dc855d2bb48e5d5fe7582679c4afa34a96161b43727e4d233c852377f816fc381b97c669b8c2455081d4bfef31522c402fb6b9f3bfc5a4eccb377ec42c991adf9e8dafaed981036d0a377f444ab0b5290d9227ff22cb5af6937b68c103e99e8d3172aac6e54e57e8f36ad28e3e32dc8e51ff1af599896769b3c48093e21a6dba84f3d15db96c99ed9b1e1df26a4f4d6c857680da4ca2678350e5625954ee3fefb8d521810333aeda2d64988f5782b63b1073f51bd296a26854b524d53e60dbdacdb35eafbbf9535f7439a1058cf0f1a468f496de00ceb1890140a6a276423a3f333bf69cd204c132093cb6c9c7b22ac497fe1610374f07b386746d7446b87933c667be326cf6607d608b85790413bd433ec664feca16737ba828f45f5ea0433b2e2913eb3ac80b7d6ffb3baab717dd935f4a518a66217d842de41db118750bfca032bad419a6f82bbd137e91bbd264828b1df75d78b381ba80b6dee636915c65f1d8751212792244c81d2d36eee252da3015e52efee1f4f44d384085cb78a60956839f5822f87738239f70b690c14f1ec92693fe5d25673a489bee08bc7ed17f1d70b07956ec7e20c5872bb0fc9b68c21f9af676188b74c2972e7f51b8513e8e07d9f69b30836ab7097ebd6a77e2c076de66a17eccecd575819af3a569cc52805cff287a854aed1e65b7ec2ffaf46323890b2d60c3269e2817247633093f5b227aff5c104c375dd7eef0b81add4471bb3715b9bbe0a54540eb24f4696aed5955ae4995877551d390c622da0a49f6dac407f89fb8147cd17d357db18ab5ab4311f483e6024577dbec1c324869c9e29f38eb9ca56ccc907c18e33c925a83dc91e8898e858b715c14faa74b03b26c45c6059a6496763bd243597894510e8cc2a7efc7732456514ac4fbfee087058c1ac6389fe5374819473e0e793c8290597e8b8660d30413b9b53fc3566554ca79f902930fe1978537aa00ac61d9a010df29324be02929a5d306beceb95a8385129c644cbe8e957a27757f6e178c9f05cdc2d713adbee21e8fed40721fbaab023dc9c794c3b02493cf7cc56a9e48728b2a274a79e9f4d86ece11ea44f9acc01016eb5ab206e7fee95b41b911d489797f44e5d8b4178159063f820c31052718b7137e26966c916bce32770be4cf2c36f229e50f2f1a934fe4df17f9c73670dcf76d22e4b8f6c618e86b2143bb123666dfb3450771b3f66b5cd0794fc17e2f78cbbdb77e094af1c9a1c24ad6c71fdf64cfb08130b20a7564452f1047b82f24c12822a8196f9485280e95cdd2556f52d9109ba0bd3e743dc3707f30ed202675156e304bf3ce66b1bae13e4fea5981525bc7f55bb66076f45b6ec84908de13e20efa3270ef5f01083b0bde7c042f80b68715db7a0efc377c652b98791709aac41e15867ed2f85358ea3fcc3b20732d095e321da9a058bc316658cd9aa63ca80fccbf39f3e0d2acdd237bc5eae7c96c5767ac2f06f91738879ccff01533bc2e942d9e73be6c070cccc0a9bccedc4c8135562a4223b6a91eed7d45f2eefadd63a5dd405bd92871678b8f661849ab0d4b0f7b208ba9448c732a9dd17d45ef78ef2864d9c67b675815bb4f971dc1e725de8702b7346618151058552215eb3b776fa6f7f538cec287d215751fb66969b178f777f05afea006e32b353b50b047580eca1fd3be3cd869e92de49af8e0a9fddbcaa28fb0ddd96bc344a6fbe44d8479d18b059c5a6f4e4a985fa9bbfee537394599d300314096623925241f3d69775d10b669db1337566af6ff2cf8c586ab416051e98211845c71a0e0dcbd7a484045f35cb4d05fc81337faddc35fd35086b897951f91ec405229b539e8f5179b7990a87e2de752af025c7f85283177a141fcc4f3a7c2a6afffbc0f5d73677839bc34fafbdb75c06512ce06ffb57ece81c8c557ed802683455e8129824e0ec0e4d80e6773973339d388d2112e7022a36de20f6510c4253750775d4190fd892c8aeb44b3737a3b59669c26d356f233b8db1e43d9b188c72fb7c09798933f906a7944c2c24cd6df90763d9a3765ba98cfe5b486f334b8bbe2bb9ac2059943f28f63a8da438a22a9742c8844a50739c30a5d669994333a696506181e0cc5caa07a34d1e5e885b1233697229755158d3f8e2ea39e8987a3b2d8cb90b67dd925d156e59221add976e815aaf0f93853a2c239af893684cf515984065d0abe2545aaefea687d56418615df0d91af37341990e4d596819d242e60841052b636678d40f290eedf62857662e155f1380826b4bd92a0c830d3e0dfbad193dd5e802cf1b767bbab4c44cf8d97acb33dce60d2cc92cda1132587caebe8cc84543f9f045a7ce866b90abc940613524849cff907a7dbf8f90b518239ebd9230703ad17b7c94cffa31e90a6be76f3f1bef6acc896e338f4665a8bb0a7b7444940eed30a462160351d3bc35153a25a583de645c43c9560ad8c1ad9c0bad1af7e9e93e555fffbabd32b63be0028be4546757d9ea9c24916cb90ba7721e45d50bc700c4a2d8335a759ecffe5149c4a65119fb1b4f5480eaeeed96aac0ea23e71d3aeb2327c4b457a62bf6ccda0ebf877ba4d31079722e9beab14fef6a07701db4bf37c7c688ecf0419400b3978a51206df1b77d9b3303dfd784b67772b5a9fbbcc8a84bc7dd92b4387e6fda73a395f1b7511b111613d7597f0056d508ff2d833a514adab9aedcbfa2d7ff3e7425af81d9ae38a2c8a912bdb84100744b29e3e9d4bb53e5194b81831577404b25668cfffc93abfe375f29f41a260a46b5fc895ad4cae0e034d893521feb94e7c2f7f6cd9f54abfc03983332f16c3bf205dbac86f189b1e1482006d940b4b7257625db370e9916b86c1e8c73b5894efc2136d860a0042f63ed4f06b4a31534a28b10f8f7846c8370f7b10a4e310cbb2740e8ba539e6c79fc8743d5fcb07678412ca9c90e180cd0af7f745491b8572f06aa94828d4133c44155604cc8ff50d8f315ab04780167cc8807bd1a8fa24b69f7f4afd6535b3998a70f19f23e632dd3c0cef94a5de3cb97d7b565f65c361e0ad4692d9f02f82ce4fb5010770197186e454bf11475fb89e70283aebd7d3b913baa865e57d465418ac32295631ab8fca203559c8bfd115dba0a393f9f573f8a100d9302dee0f78d3207bf2a4c028356dd692296330cc0ba3f297c52adc0d343599156e65c37fb3429a637f58e83c9902c09334fc549604ff49152c6ab93e45b2d09989ed85c9e8de26953bdf3a4b905568083acb840a78085c4498d0acd4192ce83f44b9b6b564b15a09f03d05a861adc66b39c92960aa0726ea44f7d38beea119562ccb3012ca8de4ece1c42a8fbbf66b51584e51f2c5d56bb5ff4c3707dd615c1b5ca2a69267e59fd8da30f72ad1a8873e0b2ff3cb93001992026da72cb6c6ee448e594b22d08b114fc64405d6ba9cca83c59b3990f608dd4675eb4e8b633673757ce20ce8ed4bca9238e2369187708c7ff8033df37dff1133a7fdb0085a98fc9f15836bf33283ecd7bc313def9316334d8de979dd6a1004f4d2f73d4187259eb98ad1965e3ca517ed684225f786cc50e23d4fddf2260fe8caad48ec272beac8b974b8b2937b22cfefdcf57a59524441cea4978a4789dbc476f20c53e2e09b203c5c4ea9fa2674c761eee1c16f1c4cc673c9238190425e5cdd33c4877c40b03974a447cfe306b4c7b135b3feb06ae54b13a87ef748ce5fc536facb933cdf83bb5eaa1c5c54d6eb31d834b29a18a0cac6fc10f4222347ce22a9ad59236dc4e1b696771d226c97086bcbbc007b46e53863c294bc53bc93c8c20dc7303b16ccb91fe7daa8821f9017056298d1b2c9250e1006151d3355b629af800035a3ecb3210ff32cd8931577c330f49a54ddb2e38115fd2d7d5555eecdcaca26fa51784dbe247c561e50bad279655abbc99447ee682cd2c7577535ed451d40f8a84114fd40b0381ded67961395d0cd25e56ef64066b844eec381322e0b9a33d4cca8da2cb496a30282d5b07a1be64f9301c173dd32b574babc9fd4998e6a6ba5c72140aa50a58d07859677390e1ff3905fd6ab09604685e64adbd702e31756de2608f3b424fc740ab308d75963c455dc41c225d18130de9357523b2ee4c01fe1a0e9620b59ae85c7d98dc077bfae8648123540c68af273ed73b792a66ff440d1db30711353699966f2d015f0409abbce7377a6e699280c882b827d3993329a72aa1f00cbd11bdcbf176b0a48f143baa948b1f52b813f6be7b0e5f09279a021090e2146aab9e36132cf83fa257369e20cd6d8fd25e6dc10a4988938955067f0da2b071600e2833c45e72805baefdaae7771d02c34fddd827bb3787c29c693ed2f29de843f057fc12f3a2ad9283008b04d7ec4f24d7ecd35232aafb2bd6083492ae46c4335c01b232a908b25f7e9b11dd9546683f336ef5a53d13a61b00c634eae524dfda23f2d204c06f0d9fd3ff96ff797701198ba4568ea36ce8fd2873a83158c6d0f6419d35969b7b9280b87eb064a1ebc538ca984f60336a802744b21370ec7561086719a8384be9d2b2e8af31beeea05a9f8294c9a0284e2b5e7c497c60f7c2ba9891a1428cf71216e894b50a86a39dc3948cc42450f8ee59ff9efccce0b0475f797bf0d3f8c027f9fc125de8499350f604eca4f178184afb88622329fb755701d046579dd29c3b88a758a332a9acc5cd1a6ae12cddf4639e8f3d31a48aa0221fc4fdf75c58aa1f98d5a38fe312e1e889efe1c264c533c67d77d23b2bcdc4f8baf7976ab207ffc6d95995afda6c5861cb64463c2b3e26b9109bfed966b363af7d01c6d59b749961ed0198dae6ebdc17fbd1f8585e0e81c09436c5c16de682e1b73bcdd767051a8b00b0f4be2f096670a02879011aeffb1b35c018cd8157f5d78b8c1f8cd0d1a78ddc8266e5db16bd378ff5d7c77ab84d8452eb3ccc372e843435872fd6c94a021a44cab971b8eeb848f864fe46efcf813057d38972fb453695a06f23bbf7eaebd35a70c25a88c6529166b177bb134e85dfdc5b1922f54a7fd86daa624d6aeefd5fc022fc0955499d5bb7ef7971df927bf61cc94256c95d5070a7bf74ee3edf3560072223c89b7fa96b9399c9420c1d5d22d694d43e3f81622c459a94ff8ce829d6e47aeeab052135c718c5c23bec01a266f33a50960957f4d06a66b2e33c128f98941db3b761b787775dfeb5225f8e3bdfce9d7c3c69003fac7bd086ba754f208aa8a4ece6a6655e61cf04c151bf8ff1b35bd70a794c2d894f47faa0d94f0354ecaf5990ac0c4096f98c6e411ca8b5ed340056f76bd372ad23f2cc8c24febb3e836cee9b377076fc3934a86d6327f72899e2fad494c4239a84068ec09247e5efe8844083234c67a673f9142e301e77838cf0ca1068744b7852b84bcd9a9affb5ec97a7017117759edba85dea94952f8746843615cf0afe37fa3613ee063e8bc0362e8592a1694b80b948b7f13588fae30294e88d6bd7b146b924194dbcc338fdfeb3bdc3a3fd5d05be63a4cb0ad46b4e21297f2c64d9ad46fda722c3a074e39b68ebdc9f16316b7d5ed0a793ea1b5bc08518b8ffbbfbc350c38cfd5b078731cdbc36cb7dc26315cb79a9e7a6076e49563ba20538a64c25525e9395dedfaedb8ccee64c2c805a33d798d425efb7c5c3f704379cc63304f9eefd33697f98886cc04ec2c458bbaefdd7cc5f210336d6314f8554ffe2ebae997ea6ea7f260f725d7d259b086aa398c9c4ef8b083d990d17f9f346e0abfc7f8bf04130321a01c82638667a23baef617a82bc0fcf9e306016a956ffcb9d6d3217f7fe9cb9d1ec573d4bc6172473e50e74d12ec83d850f97b86a9e28fad3add483b93575978c314b0109615e74c9d5f6ef5f64f2f88595c18254f1e8abbd24882157ba346359f03b56cda69472b0243dbd8cdfd4256e8c69d83ed391e1b0a45b83fdd03aa08d32728215017255518ac3e8ba6d4cca6f8d5d555ed9fd626798009a1b550d758e0efe6d8d46ef8fe381d949a85fe7328e2bab90cacc6d55fa4d3e155a25ddff395a2c7ad8b4bcd95d74c25538c3ce5a019a0c0397f0ea729239fc19bbaf76d5d9b917c118ebc7e2b246e93c59085fa59ff700197985097813a0a903a2e291e7436b87f5ad87c47be8620eeedb9370164beae8045213310962af17b642e96ddd4ef68eb3b9a5b9b30b5ff3f972f23a69d6aabf166877f8a4bc7d5d854a69592e7742c83fb432f0e464d83884ba17314819abec162f5d97d82dfc40a45aba9724e0b8467f4839d6b49e55f23c3623a54caf18abaa61bd237a96e26bfed8a3dd521b243bd1e5aa8d4b8cefa6c981d420591fa6d15c90991becbd3bb10ea135858a31350a4d5943325a6e67a045d9aac961f84f64d4647456369e7473f7877b6d0ad5bd6d4ee44a0f0bed7edc22e1c9892909e7397311ce9b57a7c9169e1caa1042bf77825d35c6ee2dbea7e10425ef477636901d7a18c2610bb5b85af79029ce90ceb1b259bb0a9d8a9910504be1ac9287af6c9a7015606412cfd073924d7b56b215ca212500fd84a41f84ec567419ef90315c0f810e904b39e3744386cbb865ba558ce4745f2f9a54e0b4794e08079d7bf541d73db80a07e900793c17835e815d90e6fb69f6336379246af3dea464b3fc67e1cb0fe6a0269cd44933701829e472791dcbc4c714866762e397f4df7a29fb892f0f5092f854181f5ad350a2068ef133573d09541c8cf0ec0b9324e6419dac1f15f53a0b7e885ed0b9ff11513cba2e3f4cd0225bae44c162cf5b5a8af867ebfc5aad0b5b110b37e2562dc935f7546b1db528436fcb168712f8f2eeed25ae3b7c69838603148905e9b55c58db1c3741e9b4fe0621bee7d5b5f7709f90bc0649902c09334fc549604ff49152c6ab93e45b2d09989ed85c9e8de26953bdf3a4b905568083acb840a78085c4498d0acd4192ce83f44b9b6b564b15a09f03d05a82ed04d35bcc666a9d6c726343f6a74272a73589f05ea83af30517682e09ea6e4fd4ffde911f927f0f49f7672f42d188a15a03f779f2d76273b08cab3cf44e6af/usr/share/java/pki/pki-ca.jar/usr/share/java/pki/pki-certsrv.jar/usr/share/java/pki/pki-cms.jar/usr/share/java/pki/pki-cmsbundle.jar/usr/share/java/pki/pki-cmscore.jar/usr/share/java/pki/pki-cmsutil.jar/usr/share/java/pki/pki-nsutil.jar/usr/share/pki/server/webapps/pki/admin/consolerootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpki-core-10.2.6-12.fc22.src.rpmpki-ca     java-headlesspki-serverrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)systemd-unitssystemd-unitssystemd-units1:1.7.010.2.6-12.fc223.0.4-14.6.0-14.0-15.2-14.12.0.1VJV=@V@V @U@U@U{@U@UnU(U4@U?U@UUU@U@Ua@Ud`@Ud`@UQ@U8U8U&iU"u@U hU@Tq@Tq@TTTsTJ?@T+T"@TTTk@S@S@SS@SS@SSS5d@RG@R Ru@R{RNRNR q@R q@RQQ@Q5Q@QQ(@QQ@Q@Q@Q~`Qzl@QyQw@QvwQu&@Qm=@QkQ^Q^Q^QHS@Q=@Q9Q8@Q8@Q4Q0@PDP[P@PqPP@PPPP@PP@PPPoP@PPPx@Pr@Pr@Pr@Pr@PnPnPnPj@PiPh4@PaP`K@PQPPy@PPy@PO'P?UP?UP?UP2&P2&P2&P,P(@PP@OjO@Oĺ@O9O O}@OqOleOc+@O`@O]@OYOP@ON@OLOF*@ODOB5O))@O@NwN@N{#@NiNf @NS@NBrN)f@N@M@M@MM@M@M@MMMRMK@MJMIG@M8#M5M.@M.@L8Dogtag Team 10.2.6-12Dogtag Team 10.2.6-11Dogtag Team 10.2.6-10Dogtag Team 10.2.6-9Dogtag Team 10.2.6-8Dogtag Team 10.2.6-7Dogtag Team 10.2.6-6Dogtag Team 10.2.6-5Dogtag Team 10.2.6-4Tomas Radej - 10.2.6-3Dogtag Team 10.2.6-2Dogtag Team 10.2.6-1Dogtag Team 10.2.6-0.3Dogtag Team 10.2.6-0.2Dogtag Team 10.2.6-0.1Dogtag Team 10.2.5-1Dogtag Team 10.2.5-0.2Dogtag Team 10.2.5-0.1Dogtag Team 10.2.4-1Dogtag Team 10.2.4-0.2Dogtag Team 10.2.4-0.1Dogtag Team 10.2.3-1Dogtag Team 10.2.3-0.1Dogtag Team 10.3.0-0.1Dogtag Team 10.2.3-0.1Dogtag Team 10.2.2-1Dogtag Team 10.2.2-0.1Dogtag Team 10.2.1-1Matthew Harmsen - 10.2.1-0.4Ade Lee 10.2.1-0.3Christina Fu 10.2.1-0.2Dogtag Team 10.2.1-0.1Ade Lee 10.2.0-3Matthew Harmsen - 10.2.0-2Dogtag Team 10.2.0-1Matthew Harmsen - 10.2.0-0.10Matthew Harmsen - 10.2.0-0.9Matthew Harmsen - 10.2.0-0.8Fedora Release Engineering - 10.2.0-0.5Jack Magne - 10.2.0-0.7Matthew Harmsen - 10.2.0-0.6Matthew Harmsen - 10.2.0-0.5Ade Lee - 10.2.0-0.4Fedora Release Engineering - 10.2.0-0.3Michael Simacek - 10.2.0-0.2Dogtag Team 10.2.0-0.1Ade Lee 10.1.0-1Ade Lee 10.1.0-0.14Ade Lee 10.1.0-0.13Ade Lee 10.1.0-0.12Ade Lee 10.1.0-0.11Endi S. Dewata 10.1.0-0.10Abhishek Koneru 10.1.0.0.9Abhishek Koneru 10.1.0.0.8Endi S. Dewata 10.1.0-0.7Endi S. Dewata 10.1.0-0.6Endi S. Dewata 10.1.0-0.5Ade Lee 10.1.0-0.4Endi S. Dewata 10.1.0-0.3Matthew Harmsen 10.1.0-0.2Ade Lee 10.1.0-0.1Endi S. Dewata 10.0.2-5Ade Lee 10.0.2-4Ade Lee 10.0.2-3Endi S. Dewata 10.0.2-2Ade Lee 10.0.2-1Ade Lee 10.0.2-0.8Endi S. Dewata 10.0.2-0.7Endi S. Dewata 10.0.2-0.6Ade Lee 10.0.2-0.5Endi S. Dewata 10.0.2-0.4Endi S. Dewata 10.0.2-0.3Endi S. Dewata 10.0.2-0.2Endi S. Dewata 10.0.2-0.1Endi S. Dewata 10.0.1-9Ade Lee 10.0.1-8Endi S. Dewata 10.0.1-7Matthew Harmsen 10.0.1-6Endi S. Dewata 10.0.1-5Endi S. Dewata 10.0.1-4Matthew Harmsen 10.0.1-3Matthew Harmsen 10.0.1-2Ade Lee 10.0.1-1Matthew Harmsen 10.0.0-5Matthew Harmsen 10.0.0-4Ade Lee 10.0.0-3Ade Lee 10.0.0-2Ade Lee 10.0.0-1Matthew Harmsen 10.0.0-0.56.b3Endi S. Dewata 10.0.0-0.55.b3Endi S. Dewata 10.0.0-0.54.b3Ade Lee 10.0.0-0.53.b3Ade Lee 10.0.0-0.52.b3Endi S. Dewata 10.0.0-0.51.b2Endi S. Dewata 10.0.0-0.50.b2Matthew Harmsen 10.0.0-0.49.b2Ade Lee 10.0.0-0.48.b2Matthew Harmsen 10.0.0-0.47.b1Ade Lee 10.0.0-0.46.b1Ade Lee 10.0.0-0.45.b1Ade Lee 10.0.0-0.44.b1Ade Lee 10.0.0-0.43.b1Ade Lee 10.0.0-0.42.b1Ade Lee 10.0.0-0.41.b1Ade Lee 10.0.0-0.40.b1Endi S. Dewata 10.0.0-0.40.a2Endi S. Dewata 10.0.0-0.39.a2Ade Lee 10.0.0-0.38.a2Endi S. Dewata 10.0.0-0.37.a2Ade Lee 10.0.0-0.36.a2Endi S. Dewata 10.0.0-0.36.a1Endi S. Dewata 10.0.0-0.35.a1Endi S. Dewata 10.0.0-0.34.a1Ade Lee 10.0.0-0.33.a1Matthew Harmsen 10.0.0-0.32.a1Endi S. Dewata 10.0.0-0.31.a1Endi S. Dewata 10.0.0-0.30.a1Endi S. Dewata 10.0.0-0.29.a1Endi S. Dewata 10.0.0-0.28.a1Endi S. Dewata 10.0.0-0.27.a1Endi S. Dewata 10.0.0-0.26.a1Endi S. Dewata 10.0.0-0.25.a1Endi S. Dewata 10.0.0-0.24.a1Matthew Harmsen 10.0.0-0.23.a1Endi S. Dewata 10.0.0-0.22.a1Endi S. Dewata 10.0.0-0.21.a1Matthew Harmsen 10.0.0-0.20.a1Matthew Harmsen 10.0.0-0.19.a1Matthew Harmsen 10.0.0-0.18.a1Endi S. Dewata 10.0.0-0.17.a1Matthew Harmsen 10.0.0-0.16.a1Ade Lee 10.0.0-0.15.a1Christina Fu 10.0.0-0.14.a1Endi S. Dewata 10.0.0-0.13.a1Endi S. Dewata 10.0.0-0.12.a1Ade Lee 10.0.0-0.11.a1Matthew Harmsen 10.0.0-0.10.a1Matthew Harmsen 10.0.0-0.9.a1Jack Magne 10.0.0-0.8.a1Matthew Harmsen 10.0.0-0.7.a1Endi S. Dewata 10.0.0-0.6.a1Ade Lee 10.0.0-0.5.a1Endi S. Dewata 10.0.0-0.4.a1Matthew Harmsen 10.0.0-0.3.a1Matthew Harmsen 10.0.0-0.2.a1Nathan Kinder 10.0.0-0.1.a1Ade Lee 9.0.16-3Endi S. Dewata 9.0.16-2Matthew Harmsen 9.0.16-1Matthew Harmsen 9.0.15-1Matthew Harmsen 9.0.14-1Ade Lee 9.0.13-1Matthew Harmsen 9.0.12-1Matthew Harmsen 9.0.11-1Matthew Harmsen 9.0.10-1Matthew Harmsen 9.0.9-1Matthew Harmsen 9.0.8-2Matthew Harmsen 9.0.8-1Matthew Harmsen 9.0.7-1Matthew Harmsen 9.0.6-2Matthew Harmsen 9.0.6-1Matthew Harmsen 9.0.5-2Matthew Harmsen 9.0.5-1Matthew Harmsen 9.0.4-1Matthew Harmsen 9.0.3-2Matthew Harmsen 9.0.3-1Matthew Harmsen 9.0.2-1Matthew Harmsen 9.0.1-3Matthew Harmsen 9.0.1-2Matthew Harmsen 9.0.1-1Matthew Harmsen 9.0.0-3Matthew Harmsen 9.0.0-2Matthew Harmsen 9.0.0-1- Changes due to F22 Tomcat version change to 7.0.68- PKI TRAC Ticket #1714 - mod_revocator and mod_nss dependency for tps should be removed [mharmsen] - PKI TRAC Ticket #456 - The user have a chance to import own CA certificate with private key [edewata] - PKI TRAC Ticket #1681 - pkispawn: External CA option: allow shutdown and restart between phase 1 and 2 [edewata] - PKI TRAC Ticket #1682 - Mismatching certificate validity calculation [edewata] - PKI TRAC Ticket #2040 - Determine supported javadoc options [mharmsen]- PKI TRAC Ticket #1700 - Profile creation (LDAPProfileSubsystem) can fail due to race condition [ftweedal] - PKI TRAC Ticket #1702 - getStatus reports ready before LDAPProfileSubsystem has loaded all profiles [ftweedal]- PKI TRAC Ticket #1551 - Upgraded CA lacks ca.sslserver.certreq in CS.cfg [edewata] - PKI TRAC Ticket #1595 - CA fails to authenticate to KRA for archival [edewata] - PKI TRAC Ticket #1551 - Upgraded CA lacks ca.sslserver.certreq in CS.cfg (added support for secure database authentication) [edewata] - PKI TRAC Ticket #1597 - KRA: key archival/recovery via cli - should honor encryption/decryption flags [jmagne] - PKI TRAC Ticket #1463 - pki cli client-cert-request should support dir based auth (4 patches) [edewata] - PKI TRAC Ticket #1593 - HSM failover support [cfu] - PKI TRAC Ticket #1623 - Runtime dependency on python-nss is missing [mharmsen]- PKI TRAC Ticket #1584 - man page for pki-user does not information about user-membership [edewata] - PKI TRAC Ticket #1583 - SC650 format/enroll fails [jmagne] - PKI TRAC Ticket #1307 - [RFE] Support multiple keySets for different cards for ExternalReg [cfu]- PKI TRAC Ticket #1546 - Setpin utility doesn't set the pin for users - minor tweak [jmagne] - PKI TRAC Ticket #1566 - non-CA subystem installations failing while trying to join security domain [cfu] - PKI TRAC Ticket #1575 - Internet Explorer 11: caUserCert request submission fails using the EE page [jmagne]- PKI TRAC Ticket #1549 - Enabling random serial number management does not enable the same in clone [alee] - PKI TRAC Ticket #1539 - Unable to create ECC KRA Instance when kra admin key type is ECC [cfu] - PKI TRAC Ticket #1538 - CA EE: List certificagtes with "do not show revoked certificates" selected is not working with paging [edewata] - PKI TRAC Ticket #1543 - CA console: edit/view of authentication instance of portalEnrollment type does not load any value that were set during creation [cfu] - PKI TRAC Ticket #1546 - Setpin utility doesn't set the pin for users [jmagne] - PKI TRAC Ticket #1556 - Weak HTTPS TLS ciphers [cfu]- PKI TRAC Ticket #1523 - Firefox warning [jmagne] - PKI TRAC Ticket #1414 - Add code to reindex data during cloning without replication [alee] - PKI TRAC Ticket #1522 - CA UI adds extra space in Base 64 encoded certificate display [mharmsen] - PKI TRAC Ticket #1535 - Fixed missing cert request hostname and address. [edewata] - PKI TRAC Ticket #1531 - Directory auth plugin requires LDAP anonymous binds [cfu] - PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI subsystems which are not accessible [mharmsen] - PKI TRAC Ticket #1518 - OCSP ee url returned by pkidaemon status tomcat shows an error page [mharmsen] - PKI TRAC Ticket #1253 - Temporary silence InsecureRequestWarning [cheimes] - PKI TRAC Ticket #1530 - Client pki-tools missing tomcat-servlet dependency [mharmsen] - PKI TRAC Ticket #1542 - Update tomcatjss dependency on Fedora 23 and later [mharmsen]- PKI TRAC Ticket #1414 - add option to pkispawn to NOT create replication agreements when cloning [alee] - PKI TRAC Ticket #1504 - Unable to create Admin cert with ECC during subsystem installation using pkispawn - remove noise file generation [alee] - PKI TRAC Ticket #1515 - TPS UI: After successful key upgrade during pin reset operation the token db still shows old key [jmagne] - PKI TRAC Ticket #1307 - [RFE] Support multiple keySets for different cards for ExternalReg [cfu] - PKI TRAC Ticket #1511 - op.format.externalRegAddToToken.revokeCert parameter missing in TPS CS.cfg [jmagne] - PKI TRAC Ticket #1524 - pkispawn: certutil options incorrect for creating ecc admin certificate [mharmsen]- Updated dep on policycoreutils-python-utils [Fedora 23 and later]- PKI TRAC Ticket #1506 - PKCS12Export tool returns error- Update release number for release build- Remove setup directory and remaining Perl dependencies- Remove ExcludeArch directive- Updated version number to 10.2.6-0.1- Update release number for release build- Resolves rhbz #1230970 - Errata TPS tests for rpm verification failed- Updated version number to 10.2.5-0.1- Update release number for release build- Updated nuxwdog and tomcatjss requirements (alee)- Updated version number to 10.2.4-0.1 - Added nuxwdog systemd files- Update release number for release build- Reverted version number back to 10.2.3-0.1 - Added support for Tomcat 8.- Updated version number to 10.3.0-0.1- Updated version number to 10.2.3-0.1- Update release number for release build- Updated version number to 10.2.2-0.1 - Moved web application deployment locations. - Updated Resteasy and Jackson dependencies. - Added missing python-lxml build dependency.- Update release number for release build- PKI TRAC Ticket #1187 - mod_perl should be removed from requirements for 10.2 - PKI TRAC Ticket #1205 - Outdated selinux-policy dependency. - Removed perl(XML::LibXML), perl-Crypt-SSLeay, and perl-Mozilla-LDAP runtime dependencies- Change resteasy dependencies for F22+- Ticket 1198 Bugzilla 1158410 add TLS range support to server.xml by default and upgrade (cfu) - PKI Trac Ticket #1211 - New release overwrites old source tarball (mharmsen) - up the release number to 0.2- Updated version number to 10.2.1-0.1. - Added CLIs to simplify generating user certificates - Added enhancements to KRA Python API - Added a man page for pki ca-profile commands. - Added python api docs- Disable pylint dependency for RHEL builds - Added jakarta-commons-httpclient requirements - Added tomcat version for RHEL build - Added resteasy-base-client for RHEL build- PKI TRAC Ticket #1130 - Add RHEL/CentOS conditionals to spec- Update release number for release build- PKI TRAC Ticket #1017 - Rename pki-tps-tomcat to pki-tps- Merged jmagne@redhat.com's spec file changes from the stand-alone 'pki-tps-client' package needed to build/run the native 'tpsclient' command line utility into this 'pki-core' spec file under the 'tps' package. - Original tps libararies must be built to support this native utility. - Modifies tps package from 'noarch' into 'architecture-specific' package- PKI TRAC Ticket #1127 - Remove 'pki-ra', 'pki-setup', and 'pki-silent' packages . . .- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Respin to include the applet files with the rpm install. No change to spec file needed.- Bugzilla Bug #1120045 - pki-core: Switch to java-headless (build)requires -- drop dependency on java-atk-wrapper - Removed 'java-atk-wrapper' dependency from 'pki-server'- PKI TRAC Ticket #832 - Remove legacy 'systemctl' files . . .- Update rawhide build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Use Requires: java-headless rebuild (#1067528)- Added option to build without server packages. - Replaced Jettison with Jackson. - Added python-nss build requirement - Bugzilla Bug #1057959 - pkispawn requires policycoreutils-python - TRAC Ticket #840 - pkispawn requires policycoreutils-python - Updated requirements for resteasy - Added template files for archive, retrieve and generate key requests to the client package.- Trac Ticket 788 - Clean up spec files - Update release number for release build - Updated requirements for resteasy- Change release number for beta build- Updated requirements for tomcat- Removed additional /var/run, /var/lock references.- Removed delivery of /var/lock and /var/run directories for fedora 20.- Moved Tomcat-based TPS into pki-core.- Listed new packages required during build, due to issues reported by pylint. - Packages added: python-requests, python-ldap, libselinux-python, policycoreutils-python- Added pylint scan to the build process.- Added man pages for upgrade tools.- Cleaned up the code to install man pages.- Reorganized deployment tools.- Bugzilla Bug 973224 - resteasy-base must be split into subpackages to simplify dependencies- Updated dependencies to Java 1.7.- TRAC Ticket 606 - add restart / start at boot info to pkispawn man page - TRAC Ticket 610 - Document limitation in using GUI install - TRAC Ticket 629 - Package ownership of '/usr/share/pki/etc/' directory- Change release number for 10.1 development- Fixed incorrect JNI_JAR_DIR.- TRAC Ticket 605 Junit internal function used in TestRunner, breaks F19 build- TRAC Ticket 604 Added fallback methods for pkispawn tests- Added default pki.conf in /usr/share/pki/etc - Create upgrade tracker on install and remove it on uninstall- Change release number for official release.- Added %pretrans script for f19 - Added java-atk-wrapper dependency- Added pki-server-upgrade script and pki.server module. - Call upgrade scripts in %post for pki-base and pki-server.- Added dependency on commons-io.- Add /var/log/pki and /var/lib/pki directories- Run pki-upgrade on post server installation.- Added dependency on python-lxml.- Added pki-upgrade script.- Updated version number to 10.0.2-0.1.- Renamed base/deploy to base/server. - Moved pki.conf into pki-base. - Removed redundant pki/server folder declaration.- Removed jython dependency- Added minimum python-requests version.- Bugzilla Bug #919476 - pkispawn crashes due to dangling symlink to jss4.jar- Added dependency on python-requests. - Reorganized Python module packaging.- Added dependency on python-ldap.- TRAC Ticket #517 - Clean up theme dependencies - TRAC Ticket #518 - Remove UI dependencies from pkispawn . . .- Removed runtime dependency on 'pki-server-theme' to resolve Bugzilla Bug #916134 - unresolved dependency in pki-server: pki-server-theme- TRAC Ticket 214 - Missing error description for duplicate user - TRAC Ticket 213 - Add nonces for cert revocation - TRAC Ticket 367 - pkidestroy does not remove connector - TRAC Ticket #430 - License for 3rd party code - Bugzilla Bug 839426 - [RFE] ECC CRL support for OCSP - Fix spec file to allow f17 to work with latest tomcatjss - TRAC Ticket 466 - Increase root CA validity to 20 years - TRAC Ticket 469 - Fix tomcatjss issue in spec files - TRAC Ticket 468 - pkispawn throws exception - TRAC Ticket 191 - Mapping HTTP Exceptions to HTTP error codes - TRAC Ticket 271 - Dogtag 10: Fix 'status' command in 'pkidaemon' . . . - TRAC Ticket 437 - Make admin cert p12 file location configurable - TRAC Ticket 393 - pkispawn fails when selinux is disabled - Punctuation and formatting changes in man pages - Revert to using default config file for pkidestroy - Hardcode setting of resteasy-lib for instance - TRAC Ticket 436 - Interpolation for pki_subsystem - TRAC Ticket 433 - Interpolation for paths - TRAC Ticket 435 - Identical instance id and instance name - TRAC Ticket 406 - Replace file dependencies with package dependencies- TRAC Ticket #430 - License for 3rd party code- TRAC Ticket #469 - Dogtag 10: Fix tomcatjss issue in pki-core.spec and dogtag-pki.spec . . . - TRAC Ticket #468 - pkispawn throws exception- Replaced file dependencies with package dependencies- Updated man pages- Update to official release for rc1- TRAC Ticket #315 - Man pages for pkispawn/pkidestroy. - Added place-holders for 'pki.1' and 'pki_default.cfg.5' man pages.- Added system-wide configuration /etc/pki/pki.conf. - Removed redundant lines in %files.- Moved default deployment configuration to /etc/pki.- Cleaned up spec file to provide only support rhel 7+, f17+ - Added resteasy-base dependency for rhel 7 - Update cmake version- Update release to b3- Removed dependency on CA, KRA, OCSP, TKS theme packages.- Renamed pki-common-theme to pki-server-theme.- TRAC Ticket #395 - Dogtag 10: Add a Tomcat 7 runtime requirement to 'pki-server'- Update release to b2- TRAC Ticket #350 - Dogtag 10: Remove version numbers from PKI jar files . . .- Added Obsoletes for pki-selinux- Remove build of pki-selinux for f18, use system policy instead- Update required tomcatjss version - Added net-tools dependency- Update selinux-policy version to fix error from latest policy changes- Fix typo in selinux policy versions- Added build requires for correct version of selinux-policy-devel- Update release to b1- Merged pki-silent into pki-server.- Renamed "shared" folder to "server".- Added required selinux versions for new policy.- Added Provides to packages replacing obsolete packages.- Update release to a2- Modified CMake to use RPM version number- Added VERSION file- Merged pki-setup into pki-server- Added Conflicts for IPA 2.X - Added build requires for zip to work around mock problem- TRAC Ticket #312 - Dogtag 10: Automatically restart any running instances upon RPM "update" . . . - TRAC Ticket #317 - Dogtag 10: Move "pkispawn"/"pkidestroy" from /usr/bin to /usr/sbin . . .- Fixed pki-server to include everything in shared dir.- Added build dependency on redhat-rpm-config.- Merged Javadoc packages.- Added pki-tomcat.jar.- Moved webapp creation code into pkispawn.- Split pki-client.jar into pki-certsrv.jar and pki-tools.jar.- Merged pki-native-tools and pki-java-tools into pki-tools. - Modified pki-server to depend on pki-tools.- Split pki-common into pki-base and pki-server. - Merged pki-util into pki-base. - Merged pki-deploy into pki-server.- Updated release of 'tomcatjss' to rely on Tomcat 7 for Fedora 17 - Changed Dogtag 10 build-time and runtime requirements for 'pki-deploy' - Altered PKI Package Dependency Chain (top-to-bottom): pki-ca, pki-kra, pki-ocsp, pki-tks --> pki-deploy --> pki-common- Added pki-client.jar.- Merged pki-jndi-realm.jar into pki-cmscore.jar.- PKI TRAC Task #254 - Dogtag 10: Fix spec file to build successfully via mock on Fedora 17 . . .- Moved 'pki-jndi-real.jar' link from 'tomcat6' to 'tomcat' (Tomcat 7)- Updated release of 'tomcatjss' to rely on Tomcat 7 for Fedora 18- Added CLI for REST services- Integration of Tomcat 7 - Addition of centralized 'pki-tomcatd' systemd functionality to the PKI Deployment strategy - Removal of 'pki_flavor' attribute- BZ 813075 - selinux denial for file size access- Bug 745278 - [RFE] ECC encryption keys cannot be archived- Replaced candlepin-deps with resteasy- Added option to build without Javadoc- BZ 802396 - Change location of TOMCAT_LOG to match tomcat6 changes - Corrected patch selected for selinux f17 rules- Corrected 'junit' dependency check- Initial attempt at PKI deployment framework described in 'http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment'.- Added support for pki-jndi-realm in tomcat6 in pki-common and pki-kra. - Ticket #69.- For 'mock' purposes, removed platform-specific logic from around the 'patch' files so that ALL 'patch' files will be included in the SRPM.- Removed dependency on OSUtil.- 'pki-selinux' - Added platform-dependent patches for SELinux component - Bugzilla Bug #739708 - Selinux fix for ephemeral ports (F16) - Bugzilla Bug #795966 - pki-selinux policy is kind of a mess (F17)- Added dependency on Apache Commons Codec.- Add '-DSYSTEMD_LIB_INSTALL_DIR' override flag to 'cmake' to address changes in fundamental path structure in Fedora 17 - 'pki-setup' - Hard-code Perl dependencies to protect against bugs such as Bugzilla Bug #772699 - Adapt perl and python fileattrs to changed file 5.10 magics - 'pki-selinux' - Bugzilla Bug #795966 - pki-selinux policy is kind of a mess- Integrated 'pki-kra' into 'pki-core' - Integrated 'pki-ocsp' into 'pki-core' - Integrated 'pki-tks' into 'pki-core' - Bugzilla Bug #788787 - added 'junit'/'junit4' build-time requirements- Updated package version number- Added resteasy-jettison-provider-2.3-RC1.jar to pki-setup- Added JUnit tests- 'pki-setup' - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - Bugzilla Bug #737122 - DRM: during archiving and recovering, wrapping unwrapping keys should be done in the token (cfu) - 'pki-java-tools' - 'pki-common' - Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after the in-place upgrade( CS 8.0->8.1) (cfu) - 'pki-selinux' - 'pki-ca' - Bugzilla Bug #746367 - Typo in the profile name. (jmagne) - Bugzilla Bug #737122 - DRM: during archiving and recovering, wrapping unwrapping keys should be done in the token (cfu) - Bugzilla Bug #749927 - Java class conflicts using Java 7 in Fedora 17 (rawhide) . . . (mharmsen) - Bugzilla Bug #749945 - Installation error reported during CA, DRM, OCSP, and TKS package installation . . . (mharmsen) - 'pki-silent'- Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . (mharmsen) - Bugzilla Bug #699809 - Convert CS to use systemd (alee) - 'pki-setup' - Bugzilla Bug #730146 - SSL handshake picks non-FIPS ciphers in FIPS mode (cfu) - Bugzilla Bug #737192 - Need script to upgrade proxy configuration (alee) - 'pki-symkey' - Bugzilla Bug #730162 - TPS/TKS token enrollment failure in FIPS mode (hsm+NSS). (jmagne) - 'pki-native-tools' - Bugzilla Bug #730801 - Coverity issues in native-tools area (awnuk) - Bugzilla Bug #730146 - SSL handshake picks non-FIPS ciphers in FIPS mode (cfu) - 'pki-util' - Bugzilla Bug #730146 - SSL handshake picks non-FIPS ciphers in FIPS mode (cfu) - 'pki-java-tools' - 'pki-common' - Bugzilla Bug #730146 - SSL handshake picks non-FIPS ciphers in FIPS mode (cfu) - Bugzilla Bug #737218 - Incorrect request attribute name matching ignores request attributes during request parsing. (awnuk) - Bugzilla Bug #730162 - TPS/TKS token enrollment failure in FIPS mode (hsm+NSS). (jmagne) - 'pki-selinux' - Bugzilla Bug #739708 - pki-selinux lacks rules in F16 (alee) - 'pki-ca' - Bugzilla Bug #712931 - CS requires too many ports to be open in the FW (alee) - Bugzilla Bug #730146 - SSL handshake picks non-FIPS ciphers in FIPS mode (cfu) - 'pki-silent' - Bugzilla Bug #739201 - pkisilent does not take arch into account as Java packages migrated to arch-dependent directories (mharmsen)- 'pki-setup' - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . - 'pki-symkey' - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . - 'pki-native-tools' - 'pki-util' - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . - 'pki-java-tools' - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . - 'pki-common' - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . - 'pki-selinux' - 'pki-ca' - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . - Bugzilla Bug #699809 - Convert CS to use systemd (alee) - 'pki-silent' - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . .- 'pki-setup' - Bugzilla Bug #699809 - Convert CS to use systemd (alee) - 'pki-ca' - Bugzilla Bug #699809 - Convert CS to use systemd (alee) - 'pki-common' - Bugzilla Bug #699809 - Convert CS to use systemd (alee)- 'pki-setup' - Bugzilla Bug #712931 - CS requires too many ports to be open in the FW (alee) - 'pki-symkey' - 'pki-native-tools' - Bugzilla Bug #717643 - Fopen without NULL check and other Coverity issues (awnuk) - Bugzilla Bug #730801 - Coverity issues in native-tools area (awnuk) - 'pki-util' - 'pki-java-tools' - 'pki-common' - Bugzilla Bug #700522 - pki tomcat6 instances currently running unconfined, allow server to come up when selinux disabled (alee) - Bugzilla Bug #731741 - some CS.cfg nickname parameters not updated correctly when subsystem cloned (using hsm) (alee) - Bugzilla Bug #712931 - CS requires too many ports to be open in the FW (alee) - 'pki-selinux' - Bugzilla Bug #712931 - CS requires too many ports to be open in the FW (alee) - 'pki-ca' - Bugzilla Bug #712931 - CS requires too many ports to be open in the FW (alee) - 'pki-silent'- 'pki-setup' - Bugzilla Bug #689909 - Dogtag installation under IPA takes too much time - remove the inefficient sleeps (alee) - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - 'pki-java-tools' - Bugzilla Bug #724861 - DRMTool: fix duplicate "dn:" records by renumbering "cn=" (mharmsen) - 'pki-common' - Bugzilla Bug #717041 - Improve escaping of some enrollment inputs like (jmagne, awnuk) - Bugzilla Bug #689909 - Dogtag installation under IPA takes too much time - remove the inefficient sleeps (alee) - Bugzilla Bug #708075 - Clone installation does not work over NAT (alee) - Bugzilla Bug #726785 - If replication fails while setting up a clone it will wait forever (alee) - Bugzilla Bug #728332 - xml output has changed on cert requests (awnuk) - Bugzilla Bug #700505 - pki tomcat6 instances currently running unconfined (alee) - 'pki-selinux' - Bugzilla Bug #700505 - pki tomcat6 instances currently running unconfined (alee) - 'pki-ca' - Bugzilla Bug #728605 - RFE: increase default validity from 6mo to 2yrs in IPA profile (awnuk) - 'pki-silent' - Bugzilla Bug #689909 - Dogtag installation under IPA takes too much time - remove the inefficient sleeps (alee)- 'pki-setup' - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - Bugzilla Bug #719007 - Key Constraint keyParameter being ignored using an ECC CA to generate ECC certs from CRMF. (jmagne) - Bugzilla Bug #716307 - rhcs80 - DER shall not include an encoding for any component value which is equal to its default value (alee) - 'pki-java-tools' - 'pki-common' - Bugzilla Bug #720510 - Console: Adding a certificate into nethsm throws Token not found error. (jmagne) - Bugzilla Bug #719007 - Key Constraint keyParameter being ignored using an ECC CA to generate ECC certs from CRMF. (jmagne) - Bugzilla Bug #716307 - rhcs80 - DER shall not include an encoding for any component value which is equal to its default value (alee) - Bugzilla Bug #722989 - Registering an agent when a subsystem is created - does not log AUTHZ_SUCCESS event. (alee) - 'pki-selinux' - 'pki-ca' - Bugzilla Bug #719113 - Add client usage flag to caIPAserviceCert (awnuk) - 'pki-silent'- Updated release of 'jss' - Updated release of 'tomcatjss' for Fedora 15 - 'pki-setup' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser (jdennis) - Bugzilla Bug #694569 - parameter used by pkiremove not updated (alee) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-symkey' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-native-tools' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #717765 - TPS configuration: logging into security domain from tps does not work with clientauth=want. (alee) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-util' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-java-tools' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #532548 - Tool to do DRM re-key (mharmsen) - Bugzilla Bug #532548 - Tool to do DRM re-key (config file and record processing) (mharmsen) - Bugzilla Bug #532548 - Tool to do DRM re-key (tweaks) (mharmsen) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-common' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #695403 - Editing signedaudit or transaction, system logs throws 'Invalid protocol' for OCSP subsystems (alee) - Bugzilla Bug #694569 - parameter used by pkiremove not updated (alee) - Bugzilla Bug #695015 - Serial No. of a revoked certificate is not populated in the CA signedAudit messages (alee) - Bugzilla Bug #694143 - CA Agent not returning specified request (awnuk) - Bugzilla Bug #695015 - Serial No. of a revoked certificate is not populated in the CA signedAudit messages (jmagne) - Bugzilla Bug #698885 - Race conditions during IPA installation (alee) - Bugzilla Bug #704792 - CC_LAB_EVAL: CA agent interface: SubjectID=$Unidentified$ fails audit evaluation (jmagne) - Bugzilla Bug #705914 - SCEP mishandles nicknames when processing subsequent SCEP requests. (awnuk) - Bugzilla Bug #661142 - Verification should fail when a revoked certificate is added. (jmagne) - Bugzilla Bug #707416 - CC_LAB_EVAL: Security Domain: missing audit msgs for modify/add (alee) - Bugzilla Bug #707416 - additional audit messages for GetCookie (alee) - Bugzilla Bug #707607 - Published certificate summary has list of non-published certificates with succeeded status (jmagne) - Bugzilla Bug #717813 - EV_AUDIT_LOG_SHUTDOWN audit log not generated for tps and ca on server shutdown (jmagne) - Bugzilla Bug #697939 - DRM signed audit log message - operation should be read instead of modify (jmagne) - Bugzilla Bug #718427 - When audit log is full, server continue to function. (alee) - Bugzilla Bug #718607 - CC_LAB_EVAL: No AUTH message is generated in CA's signedaudit log when a directory based user enrollment is performed (jmagne) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-selinux' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #720503 - RA and TPS require additional SELinux permissions to run in "Enforcing" mode (alee) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-ca' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser (jdennis) - Bugzilla Bug #699837 - service command is not fully backwards compatible with Dogtag pki subsystems (mharmsen) - Bugzilla Bug #649910 - Console: an auditor or agent can be added to an administrator group. (jmagne) - Bugzilla Bug #707416 - CC_LAB_EVAL: Security Domain: missing audit msgs for modify/add (alee) - Bugzilla Bug #716269 - make ra authenticated profiles non-visible on ee pages (alee) - Bugzilla Bug #718621 - CC_LAB_EVAL: PRIVATE_KEY_ARCHIVE_REQUEST occurs for a revocation invoked by EE user (awnuk) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen) - 'pki-silent' - Bugzilla Bug #695157 - Auditverify on TPS audit log throws error. (mharmsen) - Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)- 'pki-setup' - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - 'pki-java-tools' - Added 'DRMTool.cfg' configuration file to inventory - 'pki-common' - 'pki-selinux' - 'pki-ca' - 'pki-silent'- 'pki-setup' - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - 'pki-java-tools' - Bugzilla Bug #532548 - Tool to do DRM re-key - 'pki-common' - 'pki-selinux' - 'pki-ca' - 'pki-silent'- 'pki-setup' - Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser - Bugzilla Bug #694569 - parameter used by pkiremove not updated - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - 'pki-java-tools' - 'pki-common' - Bugzilla Bug #695403 - Editing signedaudit or transaction, system logs throws 'Invalid protocol' for OCSP subsystems - Bugzilla Bug #694569 - parameter used by pkiremove not updated - Bugzilla Bug #695015 - Serial No. of a revoked certificate is not populated in the CA signedAudit messages - Bugzilla Bug #694143 - CA Agent not returning specified request - Bugzilla Bug #695015 - Serial No. of a revoked certificate is not populated in the CA signedAudit messages - Bugzilla Bug #698885 - Race conditions during IPA installation - 'pki-selinux' - 'pki-ca' - Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser - Bugzilla Bug #699837 - service command is not fully backwards compatible with Dogtag pki subsystems - 'pki-silent'- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.- Bugzilla Bug #690950 - Update Dogtag Packages for Fedora 15 (beta) - Bugzilla Bug #693327 - Missing requires: tomcatjss - 'pki-setup' - Bugzilla Bug #690626 - pkiremove removes the registry entry for all instances on a machine - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - 'pki-java-tools' - Bugzilla Bug #689453 - CRMFPopClient request to CA's unsecure port throws file not found exception. - 'pki-common' - Bugzilla Bug #692990 - Audit log messages needed to match CC doc: DRM Recovery audit log messages - 'pki-selinux' - 'pki-ca' - 'pki-silent'- Bugzilla Bug #693327 - Missing requires: tomcatjss- Bugzilla Bug #690950 - Update Dogtag Packages for Fedora 15 (beta) - Require "jss >= 4.2.6-15" as a build and runtime requirement - Require "tomcatjss >= 2.1.1" as a build and runtime requirement for Fedora 15 and later platforms - 'pki-setup' - Bugzilla Bug #688287 - Add "deprecation" notice regarding using "shared ports" in pkicreate -help . . . - Bugzilla Bug #688251 - Dogtag installation under IPA takes too much time - SELinux policy compilation - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - 'pki-java-tools' - Bugzilla Bug #689501 - ExtJoiner tool fails to join the multiple extensions - 'pki-common' - Bugzilla Bug #683581 - CA configuration with ECC(Default EC curve-nistp521) CA fails with 'signing operation failed' - Bugzilla Bug #689662 - ocsp publishing needs to be re-enabled on the EE port - 'pki-selinux' - Bugzilla Bug #684871 - ldaps selinux link change - 'pki-ca' - Bugzilla Bug #683581 - CA configuration with ECC(Default EC curve-nistp521) CA fails with 'signing operation failed' - Bugzilla Bug #684381 - CS.cfg specifies incorrect type of comments - Bugzilla Bug #689453 - CRMFPopClient request to CA's unsecure port throws file not found exception.(profile and CS.cfg only) - 'pki-silent'- Bugzilla Bug #688763 - Rebase updated Dogtag Packages for Fedora 15 (alpha) - Bugzilla Bug #676182 - IPA installation failing - Fails to create CA instance - Bugzilla Bug #675742 - Profile caIPAserviceCert Not Found - 'pki-setup' - Bugzilla Bug #678157 - uninitialized variable warnings from Perl - Bugzilla Bug #679574 - Velocity fails to load all dependent classes - Bugzilla Bug #680420 - xml-commons-apis.jar dependency - Bugzilla Bug #682013 - pkisilent needs xml-commons-apis.jar in it's classpath - Bugzilla Bug #673508 - CS8 64 bit pkicreate script uses wrong library name for SafeNet LunaSA - 'pki-common' - Bugzilla Bug #673638 - Installation within IPA hangs - Bugzilla Bug #678715 - netstat loop fixes needed - Bugzilla Bug #673609 - CC: authorize() call needs to be added to getStats servlet - 'pki-selinux' - Bugzilla Bug #674195: SELinux error message thrown during token enrollment - 'pki-ca' - Bugzilla Bug #673638 - Installation within IPA hangs - Bugzilla Bug #673609 - CC: authorize() call needs to be added to getStats servlet - Bugzilla Bug #676330 - init script cannot start service - 'pki-silent' - Bugzilla Bug #682013 - pkisilent needs xml-commons-apis.jar in it's classpath- 'pki-common' - Bugzilla Bug #676051 - IPA installation failing - Fails to create CA instance - Bugzilla Bug #676182 - IPA installation failing - Fails to create CA instance- 'pki-common' - Bugzilla Bug #674894 - ipactl restart : an annoy output line - Bugzilla Bug #675179 - ipactl restart : an annoy output line- Bugzilla Bug #673233 - Rebase pki-core to pick the latest features and fixes - 'pki-setup' - Bugzilla Bug #673638 - Installation within IPA hangs - 'pki-symkey' - 'pki-native-tools' - 'pki-util' - 'pki-java-tools' - Bugzilla Bug #673614 - CC: Review of cryptographic algorithms provided by 'netscape.security.provider' package - 'pki-common' - Bugzilla Bug #672291 - CA is not publishing certificates issued using "Manual User Dual-Use Certificate Enrollment" - Bugzilla Bug #670337 - CA Clone configuration throws TCP connection error. - Bugzilla Bug #504056 - Completed SCEP requests are assigned to the "begin" state instead of "complete". - Bugzilla Bug #504055 - SCEP requests are not properly populated - Bugzilla Bug #564207 - Searches for completed requests in the agent interface returns zero entries - Bugzilla Bug #672291 - CA is not publishing certificates issued using "Manual User Dual-Use Certificate Enrollment" - - Bugzilla Bug #673614 - CC: Review of cryptographic algorithms provided by 'netscape.security.provider' package - Bugzilla Bug #672920 - CA console: adding policy to a profile throws 'Duplicate policy' error in some cases. - Bugzilla Bug #673199 - init script returns control before web apps have started - Bugzilla Bug #674917 - Restore identification of Tomcat-based PKI subsystem instances - 'pki-selinux' - 'pki-ca' - Bugzilla Bug #504013 - sscep request is rejected due to authentication error if submitted through one time pin router certificate enrollment. - Bugzilla Bug #672111 - CC doc: certServer.usrgrp.administration missing information - Bugzilla Bug #583825 - CC: Obsolete servlets to be removed from web.xml as part of CC interface review - Bugzilla Bug #672333 - Creation of RA agent fails in IPA installation - Bugzilla Bug #674917 - Restore identification of Tomcat-based PKI subsystem instances - 'pki-silent' - Bugzilla Bug #673614 - CC: Review of cryptographic algorithms provided by 'netscape.security.provider' package- Bugzilla Bug #656661 - Please Update Spec File to use 'ghost' on files in /var/run and /var/lock- 'pki-symkey' - Bugzilla Bug #671265 - pki-symkey jar version incorrect - 'pki-common' - Bugzilla Bug #564207 - Searches for completed requests in the agent interface returns zero entries- Allow 'pki-native-tools' to be installed independently of 'pki-setup' - Removed explicit 'pki-setup' requirement from 'pki-ca' (since it already requires 'pki-common') - 'pki-setup' - Bugzilla Bug #223343 - pkicreate: should add 'pkiuser' to nfast group - Bugzilla Bug #629377 - Selinux errors during pkicreate CA, KRA, OCSP and TKS. - Bugzilla Bug #555927 - rhcs80 - AgentRequestFilter servlet and port fowarding for agent services - Bugzilla Bug #632425 - Port to tomcat6 - Bugzilla Bug #606946 - Convert Native Tools to use ldapAPI from OpenLDAP instead of the Mozldap - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #658926 - org.apache.commons.lang class not found on F13 - Bugzilla Bug #661514 - CMAKE build system requires rules to make javadocs - Bugzilla Bug #665388 - jakarta-* jars have been renamed to apache-*, pkicreate fails Fedora 14 and above - Bugzilla Bug #23346 - Two conflicting ACL list definitions in source repository - Bugzilla Bug #656733 - Standardize jar install location and jar names - 'pki-symkey' - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #644056 - CS build contains warnings - 'pki-native-tools' - template change - Bugzilla Bug #606946 - Convert Native Tools to use ldapAPI from OpenLDAP instead of the Mozldap - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #644056 - CS build contains warnings - 'pki-util' - Bugzilla Bug #615814 - rhcs80 - profile policyConstraintsCritical cannot be set to true - Bugzilla Bug #224945 - javadocs has missing descriptions, contains empty packages - Bugzilla Bug #621337 - Limit the received senderNonce value to 16 bytes. - Bugzilla Bug #621338 - Include a server randomly-generated 16 byte senderNonce in all signed SCEP responses. - Bugzilla Bug #621327 - Provide switch disabling algorithm downgrade attack in SCEP - Bugzilla Bug #621334 - Provide an option to set default hash algorithm for signing SCEP response messages. - Bugzilla Bug #635033 - At installation wizard selecting key types other than CA's signing cert will fail - Bugzilla Bug #645874 - rfe ecc - add ecc curve name support in JSS and CS interface - Bugzilla Bug #488253 - com.netscape.cmsutil.ocsp.BasicOCSPResponse ASN.1 encoding/decoding is broken - Bugzilla Bug #551410 - com.netscape.cmsutil.ocsp.TBSRequest ASN.1 encoding/decoding is incomplete - Bugzilla Bug #550331 - com.netscape.cmsutil.ocsp.ResponseData ASN.1 encoding/decoding is incomplete - Bugzilla Bug #623452 - rhcs80 pkiconsole profile policy editor limit policy extension to 5 only - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #651977 - turn off ssl2 for java servers (server.xml) - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #661514 - CMAKE build system requires rules to make javadocs - Bugzilla Bug #658188 - remove remaining references to tomcat5 - Bugzilla Bug #656733 - Standardize jar install location and jar names - Bugzilla Bug #223319 - Certificate Status inconsistency between token db and CA - Bugzilla Bug #531137 - RHCS 7.1 - Running out of Java Heap Memory During CRL Generation - 'pki-java-tools' - Bugzilla Bug #224945 - javadocs has missing descriptions, contains empty packages - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #659004 - CC: AuditVerify hardcoded with SHA-1 - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #661514 - CMAKE build system requires rules to make javadocs - Bugzilla Bug #662156 - HttpClient is hard-coded to handle only up to 5000 bytes - Bugzilla Bug #656733 - Standardize jar install location and jar names - 'pki-common' - Bugzilla Bug #583822 - CC: ACL issues from CA interface CC doc review - Bugzilla Bug #623745 - SessionTimer with LDAPSecurityDomainSessionTable started before configuration completed - Bugzilla Bug #620925 - CC: auditor needs to be able to download audit logs in the java subsystems - Bugzilla Bug #615827 - rhcs80 - profile policies need more than 5 policy mappings (seem hardcoded) - Bugzilla Bug #224945 - javadocs has missing descriptions, contains empty packages - Bugzilla Bug #548699 - subCA's admin certificate should be generated by itself - Bugzilla Bug #621322 - Provide switch disabling SCEP support in CA - Bugzilla Bug #563386 - rhcs80 ca crash on invalid inputs to profile caAgentServerCert (null cert_request) - Bugzilla Bug #621339 - SCEP one-time PIN can be used an unlimited number of times - Bugzilla Bug #583825 - CC: Obsolete servlets to be removed from web.xml as part of CC interface review - Bugzilla Bug #629677 - TPS: token enrollment fails. - Bugzilla Bug #621350 - Unauthenticated user can decrypt a one-time PIN in a SCEP request - Bugzilla Bug #503838 - rhcs71-80 external publishing ldap connection pools not reliable - improve connections or discovery - Bugzilla Bug #629769 - password decryption logs plain text password - Bugzilla Bug #583823 - CC: Auditing issues found as result of CC - interface review - Bugzilla Bug #632425 - Port to tomcat6 - Bugzilla Bug #586700 - OCSP Server throws fatal error while using OCSP console for renewing SSL Server certificate. - Bugzilla Bug #621337 - Limit the received senderNonce value to 16 bytes. - Bugzilla Bug #621338 - Include a server randomly-generated 16 byte senderNonce in all signed SCEP responses. - Bugzilla Bug #607380 - CC: Make sure Java Console can configure all security relevant config items - Bugzilla Bug #558100 - host challenge of the Secure Channel needs to be generated on TKS instead of TPS. - Bugzilla Bug #489342 - com.netscape.cms.servlet.common.CMCOutputTemplate.java doesn't support EC - Bugzilla Bug #630121 - OCSP responder lacking option to delete or disable a CA that it serves - Bugzilla Bug #634663 - CA CMC response default hard-coded to SHA1 - Bugzilla Bug #621327 - Provide switch disabling algorithm downgrade attack in SCEP - Bugzilla Bug #621334 - Provide an option to set default hash algorithm for signing SCEP response messages. - Bugzilla Bug #635033 - At installation wizard selecting key types other than CA's signing cert will fail - Bugzilla Bug #621341 - Add CA support for new SCEP key pair dedicated for SCEP signing and encryption. - Bugzilla Bug #223336 - ECC: unable to clone a ECC CA - Bugzilla Bug #539781 - rhcs 71 - CRLs Partitioned by Reason Code - onlySomeReasons ? - Bugzilla Bug #637330 - CC feature: Key Management - provide signature verification functions (JAVA subsystems) - Bugzilla Bug #223313 - should do random generated IV param for symmetric keys - Bugzilla Bug #555927 - rhcs80 - AgentRequestFilter servlet and port fowarding for agent services - Bugzilla Bug #630176 - Improve reliability of the LdapAnonConnFactory - Bugzilla Bug #524916 - ECC key constraints plug-ins should be based on ECC curve names (not on key sizes). - Bugzilla Bug #516632 - RHCS 7.1 - CS Incorrectly Issuing Multiple Certificates from the Same Request - Bugzilla Bug #648757 - expose and use updated cert verification function in JSS - Bugzilla Bug #638242 - Installation Wizard: at SizePanel, fix selection of signature algorithm; and for ECC curves - Bugzilla Bug #451874 - RFE - Java console - Certificate Wizard missing e.c. support - Bugzilla Bug #651040 - cloning shoud not include sslserver - Bugzilla Bug #542863 - RHCS8: Default cert audit nickname written to CS.cfg files imcomplete when the cert is stored on a hsm - Bugzilla Bug #360721 - New Feature: Profile Integrity Check . . . - Bugzilla Bug #651916 - kra and ocsp are using incorrect ports to talk to CA and complete configuration in DonePanel - Bugzilla Bug #642359 - CC Feature - need to verify certificate when it is added - Bugzilla Bug #653713 - CC: setting trust on a CIMC cert requires auditing - Bugzilla Bug #489385 - references to rhpki - Bugzilla Bug #499494 - change CA defaults to SHA2 - Bugzilla Bug #623452 - rhcs80 pkiconsole profile policy editor limit policy extension to 5 only - Bugzilla Bug #649910 - Console: an auditor or agent can be added to an administrator group. - Bugzilla Bug #632425 - Port to tomcat6 - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #651977 - turn off ssl2 for java servers (server.xml) - Bugzilla Bug #653576 - tomcat5 does not always run filters on servlets as expected - Bugzilla Bug #642357 - CC Feature- Self-Test plugins only check for validity - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #659004 - CC: AuditVerify hardcoded with SHA-1 - Bugzilla Bug #661196 - ECC(with nethsm) subca configuration fails with Key Type RSA Not Matched despite using ECC key pairs for rootCA & subCA. - Bugzilla Bug #661889 - The Servlet TPSRevokeCert of the CA returns an error to TPS even if certificate in question is already revoked. - Bugzilla Bug #663546 - Disable the functionalities that are not exposed in the console - Bugzilla Bug #661514 - CMAKE build system requires rules to make javadocs - Bugzilla Bug #658188 - remove remaining references to tomcat5 - Bugzilla Bug #649343 - Publishing queue should recover from CA crash. - Bugzilla Bug #491183 - rhcs rfe - add rfc 4523 support for pkiUser and pkiCA, obsolete 2252 and 2256 - Bugzilla Bug #640710 - Current SCEP implementation does not support HSMs - Bugzilla Bug #656733 - Standardize jar install location and jar names - Bugzilla Bug #661142 - Verification should fail when a revoked certificate is added - Bugzilla Bug #642741 - CS build uses deprecated functions - Bugzilla Bug #670337 - CA Clone configuration throws TCP connection error - Bugzilla Bug #662127 - CC doc Error: SignedAuditLog expiration time interface is no longer available through console - 'pki-selinux' - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #667153 - store nuxwdog passwords in kernel ring buffer - selinux changes - 'pki-ca' - Bugzilla Bug #583822 - CC: ACL issues from CA interface CC doc review - Bugzilla Bug #620925 - CC: auditor needs to be able to download audit logs in the java subsystems - Bugzilla Bug #621322 - Provide switch disabling SCEP support in CA - Bugzilla Bug #583824 - CC: Duplicate servlet mappings found as part of CC interface doc review - Bugzilla Bug #621602 - pkiconsole: Click on 'Publishing' option with admin privilege throws error "You are not authorized to perform this operation". - Bugzilla Bug #583825 - CC: Obsolete servlets to be removed from web.xml as part of CC interface review - Bugzilla Bug #583823 - CC: Auditing issues found as result of CC - interface review - Bugzilla Bug #519291 - Deleting a CRL Issuing Point after edits throws 'Internal Server Error'. - Bugzilla Bug #586700 - OCSP Server throws fatal error while using OCSP console for renewing SSL Server certificate. - Bugzilla Bug #621337 - Limit the received senderNonce value to 16 bytes. - Bugzilla Bug #621338 - Include a server randomly-generated 16 byte senderNonce in all signed SCEP responses. - Bugzilla Bug #558100 - host challenge of the Secure Channel needs to be generated on TKS instead of TPS. - Bugzilla Bug #630121 - OCSP responder lacking option to delete or disable a CA that it serves - Bugzilla Bug #634663 - CA CMC response default hard-coded to SHA1 - Bugzilla Bug #621327 - Provide switch disabling algorithm downgrade attack in SCEP - Bugzilla Bug #621334 - Provide an option to set default hash algorithm for signing SCEP response messages. - Bugzilla Bug #539781 - rhcs 71 - CRLs Partitioned by Reason Code - onlySomeReasons ? - Bugzilla Bug #637330 - CC feature: Key Management - provide signature verification functions (JAVA subsystems) - Bugzilla Bug #555927 - rhcs80 - AgentRequestFilter servlet and port fowarding for agent services - Bugzilla Bug #524916 - ECC key constraints plug-ins should be based on ECC curve names (not on key sizes). - Bugzilla Bug #516632 - RHCS 7.1 - CS Incorrectly Issuing Multiple Certificates from the Same Request - Bugzilla Bug #638242 - Installation Wizard: at SizePanel, fix selection of signature algorithm; and for ECC curves - Bugzilla Bug #529945 - (Instructions and sample only) CS 8.0 GA release -- DRM and TKS do not seem to have CRL checking enabled - Bugzilla Bug #609641 - CC: need procedure (and possibly tools) to help correctly set up CC environment - Bugzilla Bug #509481 - RFE: support sMIMECapabilities extensions in certificates (RFC 4262) - Bugzilla Bug #651916 - kra and ocsp are using incorrect ports to talk to CA and complete configuration in DonePanel - Bugzilla Bug #511990 - rhcs 7.3, 8.0 - re-activate missing object signing support in RHCS - Bugzilla Bug #651977 - turn off ssl2 for java servers (server.xml) - Bugzilla Bug #489385 - references to rhpki - Bugzilla Bug #499494 - change CA defaults to SHA2 - Bugzilla Bug #623452 - rhcs80 pkiconsole profile policy editor limit policy extension to 5 only - Bugzilla Bug #649910 - Console: an auditor or agent can be added to an administrator group. - Bugzilla Bug #632425 - Port to tomcat6 - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #653576 - tomcat5 does not always run filters on servlets as expected - Bugzilla Bug #642357 - CC Feature- Self-Test plugins only check for validity - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #661128 - incorrect CA ports used for revoke, unrevoke certs in TPS - Bugzilla Bug #512496 - RFE rhcs80 - crl updates and scheduling feature - Bugzilla Bug #661196 - ECC(with nethsm) subca configuration fails with Key Type RSA Not Matched despite using ECC key pairs for rootCA & subCA. - Bugzilla Bug #649343 - Publishing queue should recover from CA crash. - Bugzilla Bug #491183 - rhcs rfe - add rfc 4523 support for pkiUser and pkiCA, obsolete 2252 and 2256 - Bugzilla Bug #223346 - Two conflicting ACL list definitions in source repository - Bugzilla Bug #640710 - Current SCEP implementation does not support HSMs - Bugzilla Bug #656733 - Standardize jar install location and jar names - Bugzilla Bug #661142 - Verification should fail when a revoked certificate is added - Bugzilla Bug #668100 - DRM storage cert has OCSP signing extended key usage - Bugzilla Bug #662127 - CC doc Error: SignedAuditLog expiration time interface is no longer available through console - Bugzilla Bug #531137 - RHCS 7.1 - Running out of Java Heap Memory During CRL Generation - 'pki-silent' - Bugzilla Bug #627309 - pkisilent subca configuration fails. - Bugzilla Bug #640091 - pkisilent panels need to match with changed java subsystems - Bugzilla Bug #527322 - pkisilent ConfigureDRM should configure DRM Clone. - Bugzilla Bug #643053 - pkisilent DRM configuration fails - Bugzilla Bug #583754 - pki-silent needs an option to configure signing algorithm for CA certificates - Bugzilla Bug #489385 - references to rhpki - Bugzilla Bug #638377 - Generate PKI UI components which exclude a GUI interface - Bugzilla Bug #651977 - turn off ssl2 for java servers (server.xml) - Bugzilla Bug #640042 - TPS Installlation Wizard: need to move Module Panel up to before Security Domain Panel - Bugzilla Bug #643206 - New CMake based build system for Dogtag - Bugzilla Bug #588323 - Failed to enable cipher 0xc001 - Bugzilla Bug #656733 - Standardize jar install location and jar names - Bugzilla Bug #645895 - pkisilent: add ability to select ECC curves, signing algorithm - Bugzilla Bug #658641 - pkisilent doesn't not properly handle passwords with special characters - Bugzilla Bug #642741 - CS build uses deprecated functions- Bugzilla Bug #668839 - Review Request: pki-core - Removed empty "pre" from "pki-ca" - Consolidated directory ownership - Corrected file ownership within subpackages - Removed all versioning from NSS and NSPR packages- Bugzilla Bug #668839 - Review Request: pki-core - Added component versioning comments - Updated JSS from "4.2.6-10" to "4.2.6-12" - Modified installation section to preserve timestamps - Removed sectional comments- Initial revision. (kwright@redhat.com & mharmsen@redhat.com)  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMN10.2.6-12.fc22    pki-caLICENSEpki-ca.jarcaconfCS.cfgCatalinalocalhostca.xmlacl.ldifacl.propertiesadminCert.profileauth-method.propertiescaAuditSigningCert.profilecaCert.profilecaOCSPCert.profilecatalina.policycatalina.propertiesdb.ldifflatfile.txtindex.ldifindextasks.ldifjk2.manifestjk2.propertiesjkconf.ant.xmljkconfig.manifestlogging.propertiesproxy.confregistry.cfgserver-minimal.xmlserverCert.profileserverCert.profile.exampleWithSANserverCert.profile.exampleWithSANpatternshm.manifestsubsystemCert.profiletomcat-jk2.manifesttomcat-users.xmltomcat6.confuriworkermap.propertiesvlv.ldifvlvtasks.ldifweb.xmlworkers.propertiesworkers.properties.minimalworkers2.propertiesworkers2.properties.minimalemailsExpiredUnpublishJobExpiredUnpublishJobItemcertIssued_CAcertIssued_CA.htmlcertIssued_RAcertIssued_RA.htmlcertRequestRejected.htmlcertRevoked_CAcertRevoked_CA.htmlcertRevoked_RAcertRevoked_RA.htmleuJob1.htmleuJob1Item.htmlpublishCerts.htmlpublishCertsItem.htmlreqInQueue_CAreqInQueue_CA.htmlreqInQueue_RAreqInQueue_RA.htmlriq1Item.htmlriq1Summary.htmlrnJob1.txtrnJob1Item.txtrnJob1Summary.txtprofilescaAdminCert.cfgDomainController.cfgcaAdminCert.cfgcaAgentFileSigning.cfgcaAgentServerCert.cfgcaCACert.cfgcaCMCUserCert.cfgcaCrossSignedCACert.cfgcaDirPinUserCert.cfgcaDirUserCert.cfgcaDirUserRenewal.cfgcaDualCert.cfgcaDualRAuserCert.cfgcaECDirUserCert.cfgcaECDualCert.cfgcaECUserCert.cfgcaEncECUserCert.cfgcaEncUserCert.cfgcaFullCMCUserCert.cfgcaIPAserviceCert.cfgcaInstallCACert.cfgcaInternalAuthAuditSigningCert.cfgcaInternalAuthDRMstorageCert.cfgcaInternalAuthOCSPCert.cfgcaInternalAuthServerCert.cfgcaInternalAuthSubsystemCert.cfgcaInternalAuthTransportCert.cfgcaJarSigningCert.cfgcaManualRenewal.cfgcaOCSPCert.cfgcaOtherCert.cfgcaRACert.cfgcaRARouterCert.cfgcaRAagentCert.cfgcaRAserverCert.cfgcaRouterCert.cfgcaSSLClientSelfRenewal.cfgcaServerCert.cfgcaSignedLogCert.cfgcaSimpleCMCUserCert.cfgcaStorageCert.cfgcaSubsystemCert.cfgcaTPSCert.cfgcaTempTokenDeviceKeyEnrollment.cfgcaTempTokenUserEncryptionKeyEnrollment.cfgcaTempTokenUserSigningKeyEnrollment.cfgcaTokenDeviceKeyEnrollment.cfgcaTokenMSLoginEnrollment.cfgcaTokenUserAuthKeyRenewal.cfgcaTokenUserDelegateAuthKeyEnrollment.cfgcaTokenUserDelegateSigningKeyEnrollment.cfgcaTokenUserEncryptionKeyEnrollment.cfgcaTokenUserEncryptionKeyRenewal.cfgcaTokenUserSigningKeyEnrollment.cfgcaTokenUserSigningKeyRenewal.cfgcaTransportCert.cfgcaUUIDdeviceCert.cfgcaUserCert.cfgcaUserSMIMEcapCert.cfgsetupregistry_instancewebappsROOTWEB-INFweb.xmlindex.jspca404.html500.htmlGenUnexpectedError.templateWEB-INFlibpki-ca.jarpki-certsrv.jarpki-cms.jarpki-cmsbundle.jarpki-cmscore.jarpki-cmsutil.jarpki-nsutil.jarvelocity.propertiesweb.xmladminGenUnexpectedError.templatecaEnrollSuccess.templateImportAdminCert.templateImportCert.templateadminEnroll.htmlsecuritydomainlogin.templatesendCookie.templatecms-funcs.jsconsolehelpfun.jsindex.htmlagentGenError.templateGenPending.templateGenRejected.templateGenSuccess.templateGenSvcPending.templateGenUnauthorized.templateGenUnexpectedError.templatecaEnrollSuccess.templateImportCert.templateListRequests.htmlProfileApprove.templateProfileList.templateProfileProcess.templateProfileReview.templateProfileSelect.templateSrchCert.htmlSrchRequests.htmlSrchRevokeCert.htmlUpdateDir.htmlbulkissuance.templatecloneRedirect.templateconfirmRevocation.templatedisplayBySerial.templatedisplayBySerial2.templatedisplayCRL.templatedisplayCertFromRequest.templateerror.templateframeCRL.htmlframeDir.htmlframeDisplayCRL.htmlframeList.htmlframeListReq.htmlframeOCSP.htmlframeProfile.htmlframeRevoke.htmlframeSearch.htmlframeSrchRequests.htmlframeStats.htmlgetOCSPInfo.templategetStats.templateindex.htmlmenuCRL.htmlmenuDir.htmlmenuDisplayCRL.htmlmenuList.htmlmenuListReq.htmlmenuOCSP.htmlmenuProfile.htmlmenuRevoke.htmlmenuSearch.htmlmenuSrchRequests.htmlmenuStats.htmlmonitor.htmlmonitor.templatenotImplemented.htmlprocessCertReq.templateprocessReq.templatequeryBySerial.htmlqueryCert.htmlqueryCert.templatequeryReq.templatereasonToRevoke.templaterevocationResult.templaterevokeBySerial.templaterevokeCert.htmlsrchCert.templatetoDisplayCRL.templatetoUpdateCRL.templatetop.htmlunrevocationResult.templateupdateCRL.htmlupdateCRL.templateupdateDir.templatecms-funcs.jsfuncs.jsheader.templatehelpfun.jsindex.htmlindex.templateports.templatexenroll.dlleeGenError.templateGenPending.templateGenRejected.templateGenSuccess.templateGenSvcPending.templateGenUnauthorized.templateGenUnexpectedError.templatecaAIMEnroll.htmlCMCEnrollment.htmlCMCRevReq.htmlCertBasedDualEnroll.htmlCertBasedEncryptionEnroll.htmlCertBasedSingleEnroll.htmlChallengeRevoke1.htmlDirPinUserEnroll.htmlDirUserEnroll.htmlDisplayCRL.htmlEnrollSuccess.templateGetCAChain.htmlImportAdminCert.templateImportCert.templateKeyRecovery.htmlManCAEnroll.htmlManObjSignEnroll.htmlManRAEnroll.htmlManServerEnroll.htmlManUserEnroll.htmlNISUserEnroll.htmlOCSPResponder.htmlObjSignPKCS10Enroll.htmlPortalEnrollment.htmlProfileList.templateProfileSelect.templateProfileSubmit.htmlProfileSubmit.templateRenewalSuccess.templateRevocationSuccess.templateUserDnEnroll.htmlUserRenewal.htmlUserRevocation.htmlbench2k.htmlblank.htmlcheckRequest.htmldisplayBySerial.templatedisplayBySerial2.templatedisplayCRL.templatedisplayCaCert.templatedisplayCertFromRequest.templateenrollMenu.htmlindex.htmlpolicyEnrollmentindex.htmlprofileMenu.htmlretrievalMenu.htmlrevocationMenu.htmlprofileEnrollmentindex.htmlprofileMenu.htmlretrievalMenu.htmlrevocationMenu.htmlprofileMenu.htmlqueryBySerial.htmlqueryCert.htmlqueryCert.templatereasonToRevoke.templaterecoveryMenu.htmlremoteAuthConfig.templaterenewalMenu.htmlrequestStatus.templateretrievalMenu.htmlrevocationMenu.htmlrevocationResult.templatesrchCert.htmlsrchCert.templatetabs.htmltoDisplayCRL.templateunrevocationResult.templatecms-funcs.jshelpfun.jsindex.htmlindex.htmlservices.template/usr/share/doc//usr/share/doc/pki-ca//usr/share/java/pki//usr/share/pki//usr/share/pki/ca//usr/share/pki/ca/conf//usr/share/pki/ca/conf/Catalina//usr/share/pki/ca/conf/Catalina/localhost//usr/share/pki/ca/emails//usr/share/pki/ca/profiles//usr/share/pki/ca/profiles/ca//usr/share/pki/ca/setup//usr/share/pki/ca/webapps//usr/share/pki/ca/webapps/ROOT//usr/share/pki/ca/webapps/ROOT/WEB-INF//usr/share/pki/ca/webapps/ca//usr/share/pki/ca/webapps/ca/WEB-INF//usr/share/pki/ca/webapps/ca/WEB-INF/lib//usr/share/pki/ca/webapps/ca/admin//usr/share/pki/ca/webapps/ca/admin/ca//usr/share/pki/ca/webapps/ca/agent//usr/share/pki/ca/webapps/ca/agent/ca//usr/share/pki/ca/webapps/ca/ee//usr/share/pki/ca/webapps/ca/ee/ca//usr/share/pki/ca/webapps/ca/ee/ca/policyEnrollment//usr/share/pki/ca/webapps/ca/ee/ca/profileEnrollment/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=harddrpmxz2armv7hl-redhat-linux-gnueabi     directoryASCII textASCII text, with CRLF line terminators (Zip archive data, at least v2.0 to extract)ASCII text, with very long linesXML 1.0 document textexported SGML document, ASCII textXML document textHTML document, ASCII textHTML document, ASCII text, with very long lines?7zXZ !#,N=]"k%]z(+( B3k@{eW]_ܖfi$$_ ;pٙ\/36kZ/ٙqT6k.1~yD8tGoЍ  q>K鮺KcMJ]^{EB躯B54v}ҧ|,p7=xA3jg"kk,1hc[ OIdW!Xx' *NzQɣ3}5^-3yPOj]?+fme8GY"1b߬m6߳VjЌ= 0+vL}R(mkCY򑇽r+5&{ݜ%ve)LsS./cׯ_JVԓHT1'|Fصr(j ɧ|fVX^^1rcSu2{h!H~bHOm;D>$A,1g=o]E *~Huؒ6ł feFa 1{%P2ry3ȍwҵnR6 uR^[A C/=67ܫEv^@bzl$ >O{N8S%F7U's0J_&;tn!W>mjwZyi6Ax{:Sifx@rz1䔌 jIa.R㕛U;oi@ nTMJwT[>?g0A;D^oq6IybLƘ `R_K(X&W~J{Bħ;L/;9'vI+g\2f:,k x goaq^ť8exKuiJV

ͪ!M&RSf{9[v0@"]wr۪wr<&5 $Ҹ2Q[e:Z4n `Wjg[} !SjxlYyB6 %B(I vǻFƢQ{9@Mw;x!d_Ai`@2#0h\Ջco:f{+w#F[nDRu0)@ST:siO0Wk $#Fg0VjJ5EjE=BO$4ƁR0jEtD hFgȜ`ekhf\|R ߡ2(d#%!n曲E1.Op?E+1kQw>n&RbC /1VayaW"gn`9]eɹ}5eUCk p$?Bz R`77зE"p)"ȏCH_'F~'=ףۭs;,1VSZ07V~j8v1.hh [,(,ЪcN%櫔a|,. H!5_eA6cE{u4dn/I]8bfQFsG2s>{t[+ѱ*xWqe_KÍj)}(XGi츌tLw,Mr;ͺJyf>`J;ܼۺ-qncI 0ȳ0! AZi6 cn@ I)[o^/tzc[jrʑhK0Mv-ٖ2m"s6IvY \Йdjv(={B ,_lߗ`G\J DVQpF_VjS#/rR/qgyg:EI]/@CnVmÆ7/vzNDJ}r.FeѲ_jF)W?eEoƒhxsهY/p/-$<` ^9ۢb4KFRb1o 0@$0GqM0p;͸8%`!>gQm :L. }>vYt[b%z`w&pÒ>Q5k6Sbӿ*3J뽀%?AV`׶yيNܾDprxCt݈zVng=Js5DmO&ͷoʹGˍG(%F]VKףGQXZ'#}u"'J, h;?\#UkHT9 f\Mך%ءNFW @{=vj>  "\L!2BӤҰ"֮UI/O(̵,:8Os5rhE$VƧy|qtެc+@*p,{d+.5W2X$,njSw ]N5p9=?蕏!S oEQֹ0C%Wy3PݛX *QјZ$'z_ ?2)8;s}m,r x7;_ּHvzhlyoT<؛*^k; +Q̄PV)BmFnyF׌ժAlp [>R']՝FZo˛~+!5EN.|[c RfF3zM:.Lz-B<2>Ԥd  +,soB)K`i<-=KY777}7USɉJ- s2YTc](łx== lIBAVwSۺ΁]}ŕbbW*-ϰKGˆƅUH&Żt{Ko$Q .Ct<1%t= ֭F`0(|u-%4( }|lzBv?nю74X0u[Up#\$`syWKXt*Z1 <)uA47>pHFַ-F5&5!{U4yS2@e dmRЕ*?G{ gk4 P 9nH3;m I ASf]Y.; Za n3'Rebp]_{o6?iރM(e_Nށ[6g u輶c!?a {9K7iV.g&e zR0)cyU[01|(nlnq0H2}]ns>"m>,Jumc^|ϐ-194؅a Tp(3O4BՠHMmgEŲI?ӞxOkDBrK#@®~Z>ŋ ,Q!>ȅkupSgl?Z\Ѻ73W56IC;Sk‘qb'Up|v0G-Rp <:l M4#M{-{M啵:Nط~ jOKbqpM"m>/;y=i<'1>j3uKi_xV-b.|d՜wE lqizN#x[ŃHSpz!W|]"])9IK)r;?8z@KXrUu*W`xTn2K:Q*D? hLeC1L3mijַGVjm}IsE 7ĆAP5دA;vP)Mxv#;-i`{ méiT?j#KlOϼp3wtea7Kq??NCHQS~OSH|ַ#0.7u8Ԑ~+A:%+<,1ODiMF,4zd(\+p5O0U|έ2r^w#s7R jd|kM9ϚޛS_9E jd_L9-o.80ݣ4_ i!Bcta䁉Fu벻p9KQ)^8@U#aWh(~Ȑn%AWMiuDy&C Z RNvJQIK:1">-р?zHMڡ7$紩P my^j!9G2)wbY]VƹS{4hM~}1k .TN:w?st_Eq&6d%ȈQ jBBZZ@\HJ ␲AzO@'D: 1=;a+4䒌" QO2$?So l#'y._}ıiRo[̘XeNH ոL`u/.aєca%*!c/rVvNJlT %)n &}?. FQd"rx>.&7M)=p-1pR]Nt7F /#3_Q{O ]C쁅HY +>\@ɦ?d@K^&cDiB~Xx,pbR, 5)_ZYx )QJb57UsVF)LAɥ>G& wAw@KU+LЦ?ǧpP2FaB,.`^uJJ52WL+v(t'pfk b^3H~\%qT;YoC?Wb\͓@{[Ĭ`B f]\¢OR<=5vOMͦɠvh7vpx^.@&Kð 7T# gu䤐&{pcp VT9+E|0lf>w eE'elMG![Ԯ/qP5=/kوU>mŌZ0YNDK$h8`$}87fN\+U#_6v~ [kʰXBV+A#n 6^Do'rъv~bwY"y`mv1 Qz!^\bjom>F0Y뛐 !e܊;4ŏa1ٹwLNB;>2;A2m`YKB )2a NfźOr4;Z, l䢾3:7a9w-Fs-ݑjܮ-8Da}yᏌӇH-ňW\/BfM_DWi]1y<. ǑWV#:lTA:dѷYL]>02"QT?/g=MAhV Ǝ^8FƠ/pHM:ӫU-'WR|&*)y;=F ۜi }'9`,^,[vEsg-kl:Yr2-Lȱt3#x$WW|>[5G;Vqժp7_*Xz(_ϕa𗶙A@A^w6#eGaM.ֶqƜCyDh1Z_2Oє9(cdXq,"IۥU7Ngyʷ9w-\?Bԏ)Ե1T*FCJ$PkC&~k7@$/\>vMZ) Qe?WE S]wLcǃD%0d`XJ30֞#! ?~;VjD~h㢊`O”EqtGߘhHrݪxAtЖx+uVI;Haf.LbcɒQD84\H+$ ZT`Lʫ͏A_ p6B5X|#$c{ :Dy6@W7 jOHWu甹Rhe1^a즬h5r{y J-x\m|Os?+vFRO:x&}M8PaUmu:Vڢe;:CC՞\[8jzEN P4aTʵ>yڮ]K\\un}5!jT͓LzՈ}w8OK 3^Q@H"4Q`/=d G䬔ь\BUSd+0*B<,:ֱbu3Pf:=.=bDsBR4~/`=s.oLaa!ǖ~&ޛ?L@YVzOc8m~ r*@IAI!k#.3pD@IPl Ef/0bԜԟF4pmu "+( ϝXP{dDD4gGjGx j `}*1㻆Sِax6l[$1Q/]ci_gQfcRSBl|E!";(W-_+R8 :˂y)"fV̜jvKޞ9+g.SMI6Yg.wt5(d zV ~~0NYB(=E2SԕZ[V"r1V;Ç.2vB]JڝM-6 3^wZu:iHUz[QzjF.b}K|EM7j*O`[Rcd4$*ꁓ}OY܎zRbu1 eA`ՠw* abXh^#Z!q"vc׿W`R\\ -%Tm)s9u)S"z^~v&'9\mP1}~R!bz;){*FK<'y3w(Tj'V]}qܠYww5t߾`̷GxSv7qYxƿ6B--oV,O\@JqdRݼ:x.KXKy_{N7]i⒤$I-C*+\w}Hy_-ygM%2Q$Xr:$I'p2pe<4=ׂ$EhBReVS5j'0XS3y™v +[jyK|/%/L(%bs`zx{o5E3I=)A/§@L<PN`̇x{8PhYs ħ=QglѠ"7%swh=^^0h-߾wקN?16֎ً9^$ߦ'7 bJ4NLeK738O,.);[{8I ,>,\fbxL/ 'jV$Uyl"¹w!A_KֆwV 2Z, mS1E)u?e*A%=:ZkJU@ "ʚTSy˙!Ք"5wf!=N7PCЫ:Ϧ-kXmSy#5 ΓJu[jf{sY|{]?].Us屫; Ay%nmMi I緀EZm"z/5$yd\38+d.O7ݽȊvWނq3=Ξ??L %ZX( ^>J N,:P=\%u1OeT41.b9@W;}ͽ]UShe|,yLUc 1e/巠/d9*#(GgYE|1^lHۊl~'A. s I!E:M3鷮h< l uutOH|uzvM~$FP JF^(ϛv:p\5H, p@Lr=a.,Qr%OW P0R6d5YF.& KT:~=.̘Qtٳ_PQN)Ee pNAsUy,GJ]j Tk4tTJ 2K4ӹ Y ~h?Ƌq 'BNY^8;*ir:|M=w v.i8&d;D6 A=L%8^a8Y:BxEM2Bd*jorǐ."U='*]IPCiA:Հ?(Q 㔉Qpv$Ҫ>-'3/~6Q[b*];HN1(&(Eث؛urC''Ǧzr?#~6l7+?_xIIV |ery7jj3Sz @yy X̀®ZXpLZe;ϒ ЅDnrԂrj>yk}A$EĬ1}~h}$,drMEx&VB#J&Y$3*YB(t11-{9D})8'b/t㼔gv:E0̿ -|Kr":4|O(!<5i-o%5WIq"ACLh??CdU$ >avi0ԀH9‰Uzi)ZѮ:ڮ!Vz,28gR۩@ D2ODl*dvNdE>*pI%>Zhd0*`ZeDh"׳[7e6xrkY23vAn4pQdxǣ6! 2M[\+_ U&uqa5#jC/WL7 i×aδI'Y"?;|`V 7H!U )ITY:BBKno)JNWx/l@~rX2,,vh#?M1 ޾0T D/kA\QN_ՖJBF0-B oF8":TLPwWpGzp{%5bV[q_iwmO̢ξ i_1 GRVYOlcҹ]\"hYqdze*J6'c '~4ы߻]^ίHǚ\sj1wXâ>0CCNG[R;*Bo^2xL;d.RP϶XQڞY?a]>rلQMš !0 Y(':@IOPq*GZ`~c#RPq7cJnqG%$w+GU)mn)\ v5B=@Bhʔyo9xá&Puw_"*no d:͕r8ϩ*Ws^&,43Aѣx~E) O^D; Ƀ`)Njߕ}3zW-S:%:=ѣ=f`KJٴ 7*u]R>p0LyЇ(}u٫M+!W0Ccx77JqR {|a/Qrʤ&EVfhcx:Be 9Gv2ҭKdA~yQK( _吸@(;@Ne3`, 5s33bjV]^O'E1dyi^ѹCSΫzitRsӘt/(h]Rk|wܐ YZ