From 4c0b1106e78a72e9bd8074ec5c1897e4ea27653f Mon Sep 17 00:00:00 2001
From: Leif Johansson <leifj@sunet.se>
Date: Sat, 8 Sep 2018 00:55:43 +0200
Subject: [PATCH] turn back to local keypair while debugging pkcs11

---
 .../etc/eidas-connector/eidas-connector.conf  | 20 ++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf b/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf
index 8e519b49..59bcfc2b 100644
--- a/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf
+++ b/eidas-connector-common/overlay/etc/eidas-connector/eidas-connector.conf
@@ -38,7 +38,7 @@ export IDP_CREDENTIALS=/etc/eidas-connector/credentials
 export IDP_SEALER_STORE_RESOURCE=$IDP_CREDENTIALS/sealer.jks
 export IDP_SEALER_VERSION_RESOURCES=$IDP_CREDENTIALS/sealer.kver
 
-export IDP_PKCS11_ENABLED=true
+export IDP_PKCS11_ENABLED=false
 export IDP_PKCS11_LIBRARY=/usr/safenet/lunaclient/lib/libCryptoki2_64.so
 export IDP_PKCS11_SLOT=sc_ha
 export IDP_METADATA_SIGNING_PKCS11_ENABLED=true
@@ -46,36 +46,42 @@ export SP_METADATA_SIGNING_PKCS11_ENABLED=true
 export IDP_PKCS11_SLOT_LIST_INDEX=1
 
 export IDP_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
+export IDP_SIGNING_CERT="/etc/eidas-connector/credentials/connector.crt"
 export IDP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
 export IDP_SIGNING_PKCS11_PIN=$PKCS11_PIN
-export IDP_SIGNING_CERT=$IDP_CREDENTIALS/sign.crt
+#export IDP_SIGNING_CERT=$IDP_CREDENTIALS/sign.crt
 
 export IDP_ENCRYPTION_KEY="/etc/eidas-connector/credentials/connector.key"
+export IDP_ENCRYPTION_CERT="/etc/eidas-connector/credentials/connector.crt"
 export IDP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
 export IDP_ENCRYPTION_PKCS11_PIN=$PKCS11_PIN
-export IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/enc.crt
+#export IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/enc.crt
 
 export IDP_METADATA_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
+export IDP_METADATA_SIGNING_CERT="/etc/eidas-connector/credentials/connector.crt"
 export IDP_METADATA_SIGNING_PKCS11_ALIAS=swedenconnect
 export IDP_METADATA_SIGNING_PKCS11_PIN=$PKCS11_PIN
-export IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/swedenconnect-signer.crt
+#export IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/swedenconnect-signer.crt
 
 export SP_CREDENTIALS=/etc/eidas-connector/credentials
 
 export SP_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
+export SP_SIGNING_CERT="/etc/eidas-connector/credentials/connector.key"
 export SP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
 export SP_SIGNING_PKCS11_PIN=$PKCS11_PIN
-export SP_SIGNING_CERT=$SP_CREDENTIALS/sign.crt
+#export SP_SIGNING_CERT=$SP_CREDENTIALS/sign.crt
 
 export SP_ENCRYPTION_KEY="/etc/eidas-connector/credentials/connector.key"
+export SP_ENCRYPTION_CERT="/etc/eidas-connector/credentials/connector.crt"
 export SP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
 export SP_ENCRYPTION_PKCS11_PIN=$PKCS11_PIN
-export SP_ENCRYPTION_CERT=$SP_CREDENTIALS/enc.crt
+#export SP_ENCRYPTION_CERT=$SP_CREDENTIALS/enc.crt
 
 export SP_METADATA_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
+export SP_METADATA_SIGNING_CERT="/etc/eidas-connector/credentials/connector.crt"
 export SP_METADATA_SIGNING_PKCS11_ALIAS=swedenconnect
 export SP_METADATA_SIGNING_PKCS11_PIN=$PKCS11_PIN
-export SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/swedenconnect-signer.crt
+#export SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/swedenconnect-signer.crt
 
 # Tomcat settings
 export TOMCAT_CREDENTIALS=/etc/eidas-connector/credentials/tomcat