summaryrefslogtreecommitdiff
path: root/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-authority-cert-config
AgeCommit message (Collapse)AuthorFilesLines
2019-11-05Support uploading multiple certificates per authority serviceZbigniew Kurzynski1-1/+4
Since the certificate manager can support multiple certificates the CERTPATH for mode=authentication will be changed to directory. This change depends on anothere review, see Depends-On tag. Becase the TrustStore will be used by TLS authentication, any operation on certificates should result in bmcweb restart, that is why #Units to restart entry is added. Since update procedure will not replace configuration file in /etc all configuration files for the certificate-manager will be deployed in /usr/share/phosphor-certificate-manager. (From meta-phosphor rev: 0c09ff71d089c614b14d076d933e849f2f74281e) Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> Change-Id: Ib7f4ba60760ab8cd1ac647bc51dadf50af7fedc7 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
2019-03-26certificates: clean up config recipesBrad Bishop1-0/+0
Since the config recipe packages will create symlinks to the certificate manager template, RDEPEND rather than RRECOMMEND on the certificate manager package (which provides the template). Avoid obmc-phosphor-systemd. Enabling systemd units is the realm of packaging scripts and the SYSTEMD_LINK feature in obmc-phosphor-systemd implements this incorrectly. Just directly code install, pkg_postinst and pkg_prerm here rather than trying to fix obmc-phosphor-systemd - the extra indirection is more harmful to ease of comprehension for seasoned Yocto developers than the couple of lines of code it saves. (From meta-phosphor rev: 1a4e65e5847e299348b5f28ffa2b4b1837769deb) Change-Id: Ideb12d62461b3b18ff5c92f3a76f1aa20c94a269 Tested: Built witherspoon image and verified rootfs unchanged. Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
2018-11-20phosphor-certificate-manager: Add new nslcd authority certificate serviceMarri Devender Rao1-0/+9
Added new service to install CA certificate To start/stop service use commands systemctl start phosphor-certificate-manager@authority.service systemctl status phosphor-certificate-manager@authority.service Tested: 2$ curl -c cjar -b cjar -k -H "Content-Type: application/octet-stream" -X PUT -T cert.pem https://$BMC_IP//xyz/openbmc_project/certs/authority/ldap { "data": null, "message": "200 OK", "status": "ok" } root@witherspoon-w5:/tmp# systemctl stop phosphor-certificate-manager@authority.service root@witherspoon-w5:/tmp# root@witherspoon-w5:/tmp# systemctl start phosphor-certificate-manager@authority.service root@witherspoon-w5:/tmp# (From meta-phosphor rev: 139b373080872a96f7c64dfdc46807ed993daff0) Change-Id: I993f1d7db13212f04022fd562ea058f389b26da9 Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com> Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-01 03:58:37 +0300