Change-Id: I132ad32bfe54e6714128ffea9cf2619a09c85885
-Copyright (c) 2015, CAcert
+Copyright (c) 2015, WPIA
All rights reserved.
Redistribution and use in source and binary forms, with or without
All rights reserved.
Redistribution and use in source and binary forms, with or without
-Webserver Module for CAcert
+Webserver Module for running an open Certificate Autority
Contains source from jetty 9.1.0.RC0
Contains source from jetty 9.1.0.RC0
emailProvider=club.wpia.gigi.email.CommandlineEmailProvider
sql.driver=org.postgresql.Driver
#sql.driver=com.mysql.jdbc.Driver
emailProvider=club.wpia.gigi.email.CommandlineEmailProvider
sql.driver=org.postgresql.Driver
#sql.driver=com.mysql.jdbc.Driver
-sql.url=jdbc:postgresql://localhost/cacert
-#sql.url=jdbc:mysql://localhost:3306/cacert
+sql.url=jdbc:postgresql://localhost/gigi
+#sql.url=jdbc:mysql://localhost:3306/gigi
# ==== OR ===
type=autonomous
# ==== OR ===
type=autonomous
-java=java -cp bin;/path/to/mysqlConnector.jar org.cacert.gigi.TestLauncher
+java=java -cp bin;/path/to/postgresConnector.jar club.wpia.gigi.TestLauncher
serverPort.https=4443
serverPort.http=8098
mailPort=8473
serverPort.https=4443
serverPort.http=8098
mailPort=8473
-name.static=static.cacert.local
-name.secure=secure.cacert.local
-name.www=www.cacert.local
-name.api=api.cacert.local
sql.driver=org.postgresql.Driver
#sql.driver=com.mysql.jdbc.Driver
sql.driver=org.postgresql.Driver
#sql.driver=com.mysql.jdbc.Driver
-sql.url=jdbc:postgresql://localhost/cacert
-#sql.url=jdbc:mysql://localhost:3306/cacert
-sql.user=cacert
+sql.url=jdbc:postgresql://localhost/gigi
+#sql.url=jdbc:mysql://localhost:3306/gigi
+sql.user=gigi
start) runGigiClass Launcher ;;
debug) runGigiClass Launcher "-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=8000" ;;
start-daemon)
start) runGigiClass Launcher ;;
debug) runGigiClass Launcher "-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=8000" ;;
start-daemon)
- exec 3</etc/cacert/gigi/conf.tar || die 'open config'
+ exec 3</etc/gigi/conf.tar || die 'open config'
exec 4>>/var/log/wpia-gigi.log || die 'open log'
runGigiClass Launcher <&3 >&4 2>&1 &
echo $! > /var/run/wpia-gigi.pid
exec 4>>/var/log/wpia-gigi.log || die 'open log'
runGigiClass Launcher <&3 >&4 2>&1 &
echo $! > /var/run/wpia-gigi.pid
Commands:
start - start gigi
debug - start gigi in debug mode (on port 8000, with config from stdin)
Commands:
start - start gigi
debug - start gigi in debug mode (on port 8000, with config from stdin)
- start-daemon - start gigi in background (using config from /etc/cacert/gig/config.tar)
+ start-daemon - start gigi in background (using config from /etc/gig/config.tar)
signer - start the simple signer
signer-conf - extract config for simple signer (and reset-database) from the tar from stdin
reset-database - reset the database
signer - start the simple signer
signer-conf - extract config for simple signer (and reset-database) from the tar from stdin
reset-database - reset the database
-# this script imports the cacert root certs
+# this script imports the root certificates for this installation
rm -f ../config/cacerts.jks
rm -f ../config/cacerts.jks
-#wget -N http://www.cacert.org/certs/root.crt
-#wget -N http://www.cacert.org/certs/class3.crt
-
-#keytool -importcert -keystore ../config/cacerts.jks -file root.crt -alias root -storepass "changeit" $1
-#keytool -importcert -keystore ../config/cacerts.jks -file class3.crt -alias class3 -storepass "changeit" $1
-
function import(){
keytool -importcert -keystore ../config/cacerts.jks -file "$1.crt" -alias own -storepass "changeit" -alias "$1" $2
}
function import(){
keytool -importcert -keystore ../config/cacerts.jks -file "$1.crt" -alias own -storepass "changeit" -alias "$1" $2
}
<h3><?=_SomeCA Acceptable Use Policy?></h3>
<p><?=_I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to SomeCA to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.?></p>
<h3><?=_SomeCA Acceptable Use Policy?></h3>
<p><?=_I hereby represent that I am fully authorized by the owner of the information contained in the CSR sent to SomeCA to apply for an Digital Certificate for secure and authenticated electronic transactions. I understand that a digital certificate serves to identify the Subscriber for the purposes of electronic communication and that the management of the private keys associated with such certificates is the responsibility of the subscriber's technical staff and/or contractors.?></p>
-<p><?=_CAcert Inc.'s public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with SomeCA Inc.'s CPS and supporting documentation published !(/policy/CPS)here!'</a>'.?></p>
+<p><?=_SomeCA's public certification services are governed by a CPS as amended from time to time which is incorporated into this Agreement by reference. The Subscriber will use the SSL Server Certificate in accordance with SomeCA Inc.'s CPS and supporting documentation published !(/policy/CPS)here!'</a>'.?></p>
<p><?=_If the Subscriber's name and/or domain name registration change the subscriber will immediately inform SomeCA Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.?></p>
<span id="placeholderName" class="js-hint"><?=$placeholderName?></span>
<p><?=_If the Subscriber's name and/or domain name registration change the subscriber will immediately inform SomeCA Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.?></p>
<span id="placeholderName" class="js-hint"><?=$placeholderName?></span>
-<h3><?=_CAcert Web of Trust Rules?></h3>
+<h3><?=_SomeCA Web of Trust Rules?></h3>
<p><?=_It is essential that SomeCA RA Agents understand and follow the rules below to ensure that applicants for verifcations are suitably identified, which, in turn, maintains trust in the system.?></p>
<p><?=_It is essential that SomeCA RA Agents understand and follow the rules below to ensure that applicants for verifcations are suitably identified, which, in turn, maintains trust in the system.?></p>
}
}.start();
BufferedReader br = new BufferedReader(new InputStreamReader(System.in, "UTF-8"));
}
}.start();
BufferedReader br = new BufferedReader(new InputStreamReader(System.in, "UTF-8"));
- System.out.println("Cacert-gigi system sucessfully started.");
+ System.out.println("Gigi system sucessfully started.");
System.out.println("Press enter to shutdown.");
br.readLine();
System.exit(0);
System.out.println("Press enter to shutdown.");
br.readLine();
System.exit(0);
};
}
if (args.length < 4) {
};
}
if (args.length < 4) {
- System.err.println("Usage: com.mysql.jdbc.Driver jdbc:mysql://localhost/cacert user password");
+ System.err.println("Usage: org.postgresql.Driver jdbc:postgresql://localhost/gigi user password");
return;
}
run(args, test ? ImportType.TEST : ImportType.PRODUCTION);
return;
}
run(args, test ? ImportType.TEST : ImportType.PRODUCTION);