
openca-web-interfaces-batch-1.0.2-4mdv2010.0.i586.rpm

## Configuration File for OpenCA Software Package
## (c) 1999-2002 by Massimiliano Pala and OpenCA Group
## All Rights Reserved

## Crypto Section
## ==============
## Locations of the OpenSSL binary, its configuration file and the CA
## bookkeeping files. Every entry is an absolute path, so none of them
## depends on the PATH of the calling process.
openssl    	"/usr/bin/openssl"
sslconfig  	"/etc/openca/openssl/openssl.cnf"
## NOTE(review): index.txt and serial look like the "openssl ca" database and
## serial counter. If so, they should be writable only by the account that
## issues certificates - confirm ownership and mode on the installed system.
sslindex   	"/var/lib/openca/crypto/index.txt"
sslserial  	"/var/lib/openca/crypto/serial"
## The value is a command line (binary plus the -s flag), not a bare path.
MakePath   	"/usr/bin/make -s"

## General Section
## ===============
## Identity of this web interface ("batch"), its session storage and the
## XML files that hold access control, roles, tokens, logging and menus.

## NOTE(review): values of the form @name@ are still template placeholders
## in this packaged copy. Presumably a configure/post-install step replaces
## them; verify that none survive in the deployed file.
DEFAULT_LANGUAGE "@default_language@"
DEFAULT_CHARSET  "@default_charset@"

## use DB or DBI here - DB is DBM-files and DBI is RDBMS
## config DBI via DBI.conf
DBmodule 		"@dbmodule@"

CgiLibPath		"/usr/share/openca/functions"
CgiServerType		"batch"
CgiServerName		"batch"

HtdocsUrlPrefix		"/openca/batch"

## NOTE(review): SessionDir is unquoted while most other paths in this file
## are quoted. The directory presumably stores per-session state, so it
## should be readable and writable only by the web server account.
## SessionLifetime is presumably in seconds (1200 = 20 minutes) - confirm.
SessionDir      /var/lib/openca/session/cookie
SessionLifetime 1200

ModuleID		@batch_module_id@
ModuleShift		@module_shift@
## The files below define who may do what on this interface. They are
## security-relevant configuration and should not be writable by the
## web server account.
AccessControlConfiguration "/etc/openca/access_control/batch.xml"
SoftwareConfiguration      "/etc/openca/config.xml"
RoleConfiguration          "/etc/openca/rbac/roles.xml"
ModuleConfiguration        "/etc/openca/rbac/modules.xml"
TokenConfiguration         "/etc/openca/token.xml"
LogConfiguration           "/etc/openca/log.xml"
MenuConfiguration          "/etc/openca/menu.xml"
LOAConfiguration           "/etc/openca/loa.xml"
StatemachineConfiguration  "/etc/openca/bp/bp.xml"

## ==================== [ LOA Support ] =========================
## USE_LOAS takes either YES or NO
## NOTE(review): "@USE_LOAS@" is an unsubstituted template placeholder in
## this copy, so the effective value is neither YES nor NO until it is
## replaced - confirm how the parser treats it.
USE_LOAS                "@USE_LOAS@"


## Upper bound on list results per page (20 entries).
MaxReturnedItems 	20
 
## Working directories. certsIndex names the same file as sslindex in the
## Crypto Section, and certDir and NewCertsDir both point to the same
## directory.
TempDir    		"/var/lib/openca/tmp"
certsIndex 		"/var/lib/openca/crypto/index.txt"
extFilesDir		"/etc/openca/openssl/extfiles"
certDir			"/var/lib/openca/crypto/certs"
 
## Three parallel lists with four entries each: attribute name, display
## label and string type.
## NOTE(review): the entries appear to be matched by position, and the
## string type presumably selects the input validation for that attribute.
## When adding an attribute, extend all three lists in the same order.
ADDITIONAL_REQUEST_ATTRIBUTES   "requestercn" "email" "department" "telephone"
ADDITIONAL_ATTRIBUTES_DISPLAY_VALUE     "Name (first and Last name)" "Email" "Department"  "Telephone"
ADDITIONAL_REQUEST_ATTRIBUTES_STRING_TYPE "LATIN1_LETTERS" "EMAIL" "LATIN1_LETTERS" "LATIN1_LETTERS"

## Subject attributes and subjectAltName types accepted in certificate
## requests, plus the number of input fields offered by default.
## NOTE(review): booleans are written inconsistently in this file
## (YES unquoted here, "NO"/"YES" quoted below, "Y"/"N" and "on" elsewhere);
## confirm that the parser accepts every spelling used.
CSR_SUPPORTED_ATTRIBUTES            "emailAddress" "CN" "SN" "unstructuredName" "unstructuredAddress" "OU" "L" "ST" "O" "C" "DC" "serialNumber" "UID"
CSR_DEFAULT_ATTRIBUTE_FIELDS        7
CSR_ALLOW_MULTIVALUED_ATTRIBUTES    YES
CSR_SUPPORTED_SUBJECT_ALT_NAMES     "email" "DNS" "IP" "DirName" "URI" "RID" "otherName" "Microsoft_GUID" "Microsoft_UPN"
CSR_DEFAULT_SUBJECT_ALT_NAME_FIELDS 4

NewCertsDir 		"/var/lib/openca/crypto/certs"

## Commands offered on the certificate, CSR and CRR detail views.
## NOTE(review): these lists include key-handling and approval actions
## (SEND_CERT_KEY, GENERATE_KEY, APPROVE_WITHOUT_SIGNING); check that the
## access control configuration restricts each of them to the intended roles.
CmdRefs_viewCert	"SENDCERT" "SEND_CERT_KEY" "VIEW_CSR" "TOKENHANDLING" "SET_PUBLIC_PASSWD"
CmdRefs_viewCSR		"ISSUE_CERT" "DELETE" "EDIT" "GENERATE_KEY"
CmdRefs_viewCRR		"APPROVE_WITHOUT_SIGNING" "APPROVE" "REVOKE_CERT" "DELETE" "EDIT" "VIEW_CERT" "VIEW_USER_CRR"
REQUIRE_PASSWD_PUBLIC	"NO"
CHANGE_DAYS             "YES"

## Batch Processors
## ================
## Keys, directories and defaults used by the batch processors.

## Private keys and certificates for key backup and for the batch processor.
## NOTE(review): the *_KEY files are private keys; they should be readable
## only by the account that runs the batch processor.
KEY_BACKUP_KEY		"/var/lib/openca/crypto/keys/keybackup_key.pem"
KEY_BACKUP_CERTIFICATE	"/var/lib/openca/crypto/cacerts/keybackup_cert.pem"
BP_KEY			"/var/lib/openca/crypto/keys/bp_key.pem"
BP_CERTIFICATE		"/var/lib/openca/crypto/cacerts/bp_cert.pem"

## NOTE(review): these two lines end with a ';' after the closing quote,
## unlike every other entry in the file. Confirm that the parser ignores it
## and does not treat it as part of the value or as a second value.
BP_DIR					"/var/lib/openca/batch";
BP_EXPORT_PKCS12_DIR	"/var/lib/openca/bp/dataexchange/pkcs12";

## use DENY, (ALLOW|OPTIONAL), (EN)FORCE
## ALLOW permits backup of user private keys; whether keys may be escrowed
## at all is a policy decision that should be made explicitly per site.
BP_KEY_BACKUP_MODE		"ALLOW"

## NOTE(review): 1024-bit RSA is below the 2048-bit minimum required by
## current guidance (for example NIST SP 800-131A). Because the minimum is
## also 1024, nothing here prevents weak keys; raise both values for any
## deployment that still uses this file.
BP_DEFAULT_KEY_ALGORITHM	"rsa"
BP_DEFAULT_KEY_LENGTH		"1024"
BP_MINIMUM_KEY_LENGTH		"1024"

## Batch input/output file names, given without a directory.
## NOTE(review): presumably resolved relative to BP_DIR - confirm. The PIN
## export file would contain secrets and needs restrictive permissions.
BP_File_ImportNewUser		"batch_new_user.txt"
BP_File_ImportUpdateUser	"batch_update_user.txt"
BP_File_ImportACL		"batch_acl.txt"
BP_File_ExportPIN		"batch_export_pin.txt"

## Images Section
## ==============
## Icons shown for a valid signature and for a signature error. Both values
## start with /openca/batch, the HtdocsUrlPrefix of this interface, so they
## appear to be URL paths rather than filesystem paths.
ValidSigImage		"/openca/batch/images/validSig.png"
SigErrorImage		"/openca/batch/images/sigError.png"

## Certificates Section
## ====================
## CA certificate in several encodings, the chain, request and CRL
## directories, and the CA private key.

CACertificate 		"/var/lib/openca/crypto/cacerts/cacert.pem"
CACertificateDER	"/var/lib/openca/crypto/cacerts/cacert.der"
CACertificateTXT	"/var/lib/openca/crypto/cacerts/cacert.txt"
CACertificateCRT	"/var/lib/openca/crypto/chain/cacert.crt"
CACertDir		"/var/lib/openca/crypto/cacerts"
ChainDir		"/var/lib/openca/crypto/chain"
ReqDir			"/var/lib/openca/crypto/reqs"
## NOTE(review): CAKey is the CA private key, the most sensitive file
## referenced here. Confirm whether the batch interface needs access to it
## at all; if it does, the file should be readable only by that service
## account, and if not, the key should not be present on this host.
CAKey 			"/var/lib/openca/crypto/keys/cakey.pem"
CRLDir 			"/var/lib/openca/crypto/crls"                                                  

## Dataexchange section
## ====================
## Commands used to move data between nodes of the hierarchy and to make
## local backups. Each group names a device plus export, import and test
## commands built on /bin/tar.

## please see *_node.conf for more details

## NOTE(review): @__DEVICE__@, @__SRC__@ and @__DEST__@ differ in form from
## the other @name@ placeholders and are presumably filled in at run time.
## If the resulting command line is passed to a shell, the device and
## directory values must not contain shell metacharacters - confirm how
## the command is executed.
## NOTE(review): the IMPORT commands unpack whatever archive is found on the
## device into the destination directory. Treat the exchange medium as part
## of the trust boundary and verify its origin before importing.

## dataexchange with a lower level of the hierarchy
EXPORT_IMPORT_DOWN_DEVICE "@dataexchange_device_down@"
EXPORT_IMPORT_DOWN_START  ""
EXPORT_IMPORT_DOWN_STOP   ""
EXPORT_IMPORT_DOWN_EXPORT "/bin/tar -cvpf @__DEVICE__@ -C @__SRC__@ ."
EXPORT_IMPORT_DOWN_IMPORT "/bin/tar -xvf @__DEVICE__@ -C @__DEST__@"
EXPORT_IMPORT_DOWN_TEST   "/bin/tar -tvf @__DEVICE__@"

## local dataexchange (backup, recovery and batchprocessors)
EXPORT_IMPORT_LOCAL_DEVICE "@dataexchange_device_local@"
EXPORT_IMPORT_LOCAL_START  ""
EXPORT_IMPORT_LOCAL_STOP   ""
EXPORT_IMPORT_LOCAL_EXPORT "/bin/tar -cvpf @__DEVICE__@ -C @__SRC__@ ."
EXPORT_IMPORT_LOCAL_IMPORT "/bin/tar -xvf @__DEVICE__@ -C @__DEST__@"
EXPORT_IMPORT_LOCAL_TEST   "/bin/tar -tvf @__DEVICE__@"

## NOTE(review): EXPORT_IMPORT_MODULES has no value on its line; confirm the
## parser reads this as an empty list and not as an error.
EXPORT_IMPORT_MODULES
LOG_ENROLL_DIR "/var/lib/openca/log/enroll"
LOG_RECEIVE_DIR "/var/lib/openca/log/receive"
## Unsubstituted template placeholder in this copy.
ENROLL_CA_CERTIFICATE_STATES @enroll_ca_certificate_states@

## RBAC Section
## ============
## Role-based access control switch, the module name it is evaluated for,
## and the directories holding the RBAC and OpenSSL sample configuration.
#############
# variables #
#############
 
## rights
## RBAC is switched on here; turning it off would remove the role checks
## for this interface.
## NOTE(review): MODULE_NAME is "RA_1" although CgiServerType in this file
## is "batch" - confirm that the batch interface is meant to be evaluated
## under the RA_1 module's rights.
RBAC on
MODULE_NAME "RA_1"
 
## openssl
OpenSSL_DIR   "/etc/openca/openssl/openssl"
EXT_DIR       "/etc/openca/openssl/extfiles"
OPENSSL_SAMPLE_CONF "/etc/openca/openssl/sample-openssl.conf"
OPENSSL_SAMPLE_EXT  "/etc/openca/openssl/sample-openssl.ext"
 
 
# general
# NOTE(review): the four directory names after RBAC_DIR are relative;
# presumably they are resolved below RBAC_DIR - confirm.
RBAC_DIR          "/etc/openca/rbac"
MODULES_DIR       "modules"
SCRIPT_CONFIG_DIR "scripts"
ROLES_DIR         "roles"
RIGHTS_DIR        "rights"
 
######################
## support for PKIX ##
######################
## Rules for building the subject DN and subjectAltName of requests and
## certificates.
## NOTE(review): this section writes booleans as "Y"/"N" and as "YES";
## confirm that the parser treats both spellings the same way.

SET_REQUEST_SERIAL_IN_DN "N"
REQUEST_SERIAL_NAME "sn"

SET_CERTIFICATE_SERIAL_IN_DN "Y"
CERTIFICATE_SERIAL_NAME "serialNumber"

DN_WITHOUT_EMAIL "Y"

AUTOMATIC_SUBJECT_ALT_NAME "Y"
DEFAULT_SUBJECT_ALT_NAME   "Email"

## NOTE(review): presumably refuses a request whose DN is already in use,
## which keeps two subjects from holding certificates under the same name -
## confirm the exact check.
UNIQUE_DN "YES"

######################
## support for PINs ##
######################
## PIN generation settings and the mail directories, sender address and
## message templates used to deliver PINs and signing confirmations.

USE_REQUEST_PIN      NO
# SECURE_PIN_LENGTH limits the length of the PIN itself. Prefer
# SECURE_PIN_RANDOM, because that option fixes the number of secret
# random bits.
# 16 x 8 = 128 bit
SECURE_PIN_LENGTH    0
SECURE_PIN_RANDOM    16
# NOTE(review): if generated PIN mails are stored under these directories,
# they hold secrets and should be readable only by the service account.
MAIL_DIR             "/var/lib/openca/mail"
CRIN_MAIL_DIR        "/var/lib/openca/mail/crins"
DEFAULT_MAIL_DIR     "/var/lib/openca/mail/default"
# NOTE(review): this is an openca.org address, presumably the upstream
# default; a site should replace it with its own PKI contact.
SERVICE_MAIL_ACCOUNT "pki@openca.org"
# __LANGUAGE__ in the paths below is presumably replaced with the active
# language at run time.
REQUEST_PIN_MAIL     "/usr/share/openca/mails/__LANGUAGE__/request_pin_mail.msg"
SECURE_PIN_MAIL      "/usr/share/openca/mails/__LANGUAGE__/secure_pin_mail.msg"
CONFIRM_CERT_SIGN    "/usr/share/openca/mails/__LANGUAGE__/confirm_cert_sign.msg"