Ubuntu
dogtag-pki package

dogtag-pki 11.0.0-1 source package in Ubuntu

Changelog

dogtag-pki (11.0.0-1) unstable; urgency=medium

  * New upstream release
    - CVE-2020-25715 (Closes: #988153)
  * dont-install-deleted-files.diff: Dropped, obsolete.
  * patches: Refreshed.
  * rules: Bump tomcat source path.
  * add-freebl-headers.diff: Add headers that libnss3-dev doesn't ship.
  * pki-tools: Add p12tool.
  * tests: Add --debug to pkispawn/pkidestroy.
  * Update service files.
  * control: Drop python3-pytest-runner from build-deps, not used anymore.
  * use-resteasy-legacy.diff: Dropped, obsolete and not applied anyway.
  * control: Drop unused libcommons-collections3-java from server depends.
  * fix-tomcat-paths.diff: Add catalina.properties and pki.policy to list of files to fix.
  * fix-symkey-path.diff: Refreshed.
  * control: Bump depends on libjss-java, libldap-java, libtomcatjss-java, libidm-console-framework-java.
  * install: Fix javadoc install.

 -- Timo Aaltonen <email address hidden>  Tue, 19 Oct 2021 18:25:25 +0300

Upload details

Uploaded by:
Debian FreeIPA Team
Uploaded to:
Sid
Original maintainer:
Debian FreeIPA Team
Architectures:
any all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Jammy release universe java

Downloads

File Size SHA-256 Checksum
dogtag-pki_11.0.0-1.dsc 3.7 KiB 50afa907a65be816a51185ce866aa05d672201a70f5fadea68c6d46e1bebd7b0
dogtag-pki_11.0.0.orig.tar.xz 6.5 MiB c6b1fdde2bca62ac07c18cbe9ca6ce02dcba3db974300070ab91bed0f4bd4f00
dogtag-pki_11.0.0-1.debian.tar.xz 41.6 KiB 22c747feb68423b55345854fb0c143a9718d065297edae8f37351ff208749483

No changes file available.

Binary packages built by this source

dogtag-pki: No summary available for dogtag-pki in ubuntu kinetic.

No description available for dogtag-pki in ubuntu kinetic.

dogtag-pki-console-theme: No summary available for dogtag-pki-console-theme in ubuntu kinetic.

No description available for dogtag-pki-console-theme in ubuntu kinetic.

dogtag-pki-server-theme: Certificate System - PKI Server User Interface

 This PKI Common Framework User Interface contains the Dogtag
 textual and graphical user interface for the PKI Common Framework.
 .
 This package is used by the Dogtag Certificate System.

libsymkey-java: Symmetric Key Java library

 The Symmetric Key Java library supplies various symmetric key operations
 to Java programs.
 .
 This package is a part of the PKI Core used by the Certificate System.

libsymkey-jni: No summary available for libsymkey-jni in ubuntu kinetic.

No description available for libsymkey-jni in ubuntu kinetic.

libsymkey-jni-dbgsym: No summary available for libsymkey-jni-dbgsym in ubuntu kinetic.

No description available for libsymkey-jni-dbgsym in ubuntu kinetic.

pki-base: No summary available for pki-base in ubuntu kinetic.

No description available for pki-base in ubuntu kinetic.

pki-base-java: Certificate System - PKI Framework -- java client support

 The PKI Framework contains the common and client libraries and utilities.
 .
 This package is a part of the PKI Core used by the Certificate System.

pki-ca: Certificate System - Certificate Authority

 The Certificate Authority (CA) is a required PKI subsystem which issues,
 renews, revokes, and publishes certificates as well as compiling and
 publishing Certificate Revocation Lists (CRLs).
 .
 The Certificate Authority can be configured as a self-signing Certificate
 Authority, where it is the root CA, or it can act as a subordinate CA,
 where it obtains its own signing certificate from a public CA.
 .
 This package is a part of the PKI Core used by the Certificate System.

pki-console: No summary available for pki-console in ubuntu kinetic.

No description available for pki-console in ubuntu kinetic.

pki-javadoc: Certificate System - PKI Framework Javadocs

 This documentation pertains exclusively to version 10 of
 the PKI Framework and Tools.
 .
 This package is a part of the PKI Core used by the Certificate System.

pki-kra: Certificate System - Data Recovery Manager

 Certificate System (CS) is an enterprise software system designed
 to manage enterprise Public Key Infrastructure (PKI) deployments.
 .
 The Data Recovery Manager (DRM) is an optional PKI subsystem that can act
 as a Key Recovery Authority (KRA). When configured in conjunction with the
 Certificate Authority (CA), the DRM stores private encryption keys as part of
 the certificate enrollment process. The key archival mechanism is triggered
 when a user enrolls in the PKI and creates the certificate request. Using the
 Certificate Request Message Format (CRMF) request format, a request is
 generated for the user's private encryption key. This key is then stored in
 the DRM which is configured to store keys in an encrypted format that can only
 be decrypted by several agents requesting the key at one time, providing for
 protection of the public encryption keys for the users in the PKI deployment.
 .
 Note that the DRM archives encryption keys; it does NOT archive signing keys,
 since such archival would undermine non-repudiation properties of signing keys.

pki-ocsp: Certificate System - Online Certificate Status Protocol Manager

 Certificate System (CS) is an enterprise software system designed
 to manage enterprise Public Key Infrastructure (PKI) deployments.
 .
 The Online Certificate Status Protocol (OCSP) Manager is an optional PKI
 subsystem that can act as a stand-alone OCSP service. The OCSP Manager
 performs the task of an online certificate validation authority by enabling
 OCSP-compliant clients to do real-time verification of certificates. Note
 that an online certificate-validation authority is often referred to as an
 OCSP Responder.
 .
 Although the Certificate Authority (CA) is already configured with an
 internal OCSP service. An external OCSP Responder is offered as a separate
 subsystem in case the user wants the OCSP service provided outside of a
 firewall while the CA resides inside of a firewall, or to take the load of
 requests off of the CA.
 .
 The OCSP Manager can receive Certificate Revocation Lists (CRLs) from
 multiple CA servers, and clients can query the OCSP Manager for the
 revocation status of certificates issued by all of these CA servers.
 .
 When an instance of OCSP Manager is set up with an instance of CA, and
 publishing is set up to this OCSP Manager, CRLs are published to it
 whenever they are issued or updated.

pki-server: Certificate System - PKI Server Framework

 The PKI Server Framework is required by the following four PKI subsystems:
 .
     the Certificate Authority (CA),
     the Data Recovery Manager (DRM),
     the Online Certificate Status Protocol (OCSP) Manager, and
     the Token Key Service (TKS).
 .
 This package is a part of the PKI Core used by the Certificate System.
 The package contains scripts to create and remove PKI subsystems.

pki-tks: No summary available for pki-tks in ubuntu kinetic.

No description available for pki-tks in ubuntu kinetic.

pki-tools: No summary available for pki-tools in ubuntu kinetic.

No description available for pki-tools in ubuntu kinetic.

pki-tools-dbgsym: debug symbols for pki-tools
pki-tps: Certificate System - Token Processing System

 Certificate System (CS) is an enterprise software system designed
 to manage enterprise Public Key Infrastructure (PKI) deployments.
 .
 The Token Processing System (TPS) is an optional PKI subsystem that acts
 as a Registration Authority (RA) for authenticating and processing
 enrollment requests, PIN reset requests, and formatting requests from
 the Enterprise Security Client (ESC).
 .
 TPS is designed to communicate with tokens that conform to
 Global Platform's Open Platform Specification.
 .
 TPS communicates over SSL with various PKI backend subsystems (including
 the Certificate Authority (CA), the Data Recovery Manager (DRM), and the
 Token Key Service (TKS)) to fulfill the user's requests.
 .
 TPS also interacts with the token database, an LDAP server that stores
 information about individual tokens.

pki-tps-client: Certificate System - Token Processing System client

 Certificate System (CS) is an enterprise software system designed
 to manage enterprise Public Key Infrastructure (PKI) deployments.
 .
 The Token Processing System (TPS) is an optional PKI subsystem that acts
 as a Registration Authority (RA) for authenticating and processing
 enrollment requests, PIN reset requests, and formatting requests from
 the Enterprise Security Client (ESC).
 .
 TPS is designed to communicate with tokens that conform to
 Global Platform's Open Platform Specification.
 .
 TPS communicates over SSL with various PKI backend subsystems (including
 the Certificate Authority (CA), the Data Recovery Manager (DRM), and the
 Token Key Service (TKS)) to fulfill the user's requests.
 .
 TPS also interacts with the token database, an LDAP server that stores
 information about individual tokens.
 .
 This client is a test tool that interacts with TPS. It is useful to test
 TPS server configs without risking an actual smart card.

pki-tps-client-dbgsym: No summary available for pki-tps-client-dbgsym in ubuntu kinetic.

No description available for pki-tps-client-dbgsym in ubuntu kinetic.

python3-pki-base: No summary available for python3-pki-base in ubuntu kinetic.

No description available for python3-pki-base in ubuntu kinetic.