deploy 1.3.6 along with new p11 config
This commit is contained in:
parent
d5caccdf70
commit
e80d1a5783
4 changed files with 41 additions and 39 deletions
|
|
@ -38,57 +38,59 @@ export IDP_CREDENTIALS=/etc/eidas-connector/credentials
|
|||
export IDP_SEALER_STORE_RESOURCE=$IDP_CREDENTIALS/sealer.jks
|
||||
export IDP_SEALER_VERSION_RESOURCES=$IDP_CREDENTIALS/sealer.kver
|
||||
|
||||
export IDP_PKCS11_ENABLED=false
|
||||
#export IDP_PKCS11_LIBRARY=/usr/safenet/lunaclient/lib/libCryptoki2_64.so
|
||||
#export IDP_PKCS11_SLOT=5
|
||||
#export IDP_METADATA_SIGNING_PKCS11_ENABLED=true
|
||||
#export SP_METADATA_SIGNING_PKCS11_ENABLED=true
|
||||
#export IDP_PKCS11_SLOT_LIST_INDEX=1
|
||||
export IDP_PKCS11_ENABLED=true
|
||||
export IDP_METADATA_SIGNING_PKCS11_ENABLED=true
|
||||
export SP_METADATA_SIGNING_PKCS11_ENABLED=true
|
||||
|
||||
export IDP_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
export IDP_SIGNING_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
#export IDP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
|
||||
#export IDP_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
#export IDP_SIGNING_CERT=$IDP_CREDENTIALS/sign.crt
|
||||
#export IDP_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
#export IDP_SIGNING_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
export IDP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
|
||||
export IDP_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
export IDP_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
||||
export IDP_SIGNING_CERT=$IDP_CREDENTIALS/sign.crt
|
||||
|
||||
export IDP_ENCRYPTION_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
export IDP_ENCRYPTION_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
#export IDP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
|
||||
#export IDP_ENCRYPTION_PKCS11_PIN=$PKCS11_PIN
|
||||
#export IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/enc.crt
|
||||
#export IDP_ENCRYPTION_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
#export IDP_ENCRYPTION_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
export IDP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
|
||||
export IDP_ENCRYPTION_PKCS11_PIN=$PKCS11_PIN
|
||||
export IDP_ENCRYPTION_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
||||
export IDP_ENCRYPTION_CERT=$IDP_CREDENTIALS/enc.crt
|
||||
|
||||
export IDP_METADATA_SIGNING_KEY="/etc/eidas-connector/credentials/metadata.key"
|
||||
export IDP_METADATA_SIGNING_CERT="/etc/eidas-connector/credentials/metadata.crt"
|
||||
#export IDP_METADATA_SIGNING_PKCS11_ALIAS=swedenconnect
|
||||
#export IDP_METADATA_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
#export IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/swedenconnect-signer.crt
|
||||
#export IDP_METADATA_SIGNING_KEY="/etc/eidas-connector/credentials/metadata.key"
|
||||
#export IDP_METADATA_SIGNING_CERT="/etc/eidas-connector/credentials/metadata.crt"
|
||||
export IDP_METADATA_SIGNING_PKCS11_ALIAS=swedenconnect
|
||||
export IDP_METADATA_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
export IDP_METADATA_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
||||
export IDP_METADATA_SIGNING_CERT=$IDP_CREDENTIALS/swedenconnect-signer.crt
|
||||
|
||||
export SP_CREDENTIALS=/etc/eidas-connector/credentials
|
||||
|
||||
export SP_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
export SP_SIGNING_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
#export SP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
|
||||
#export SP_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
#export SP_SIGNING_CERT=$SP_CREDENTIALS/sign.crt
|
||||
#export SP_SIGNING_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
#export SP_SIGNING_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
export SP_SIGNING_PKCS11_ALIAS=sc_eidas_sign
|
||||
export SP_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
export SP_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
||||
export SP_SIGNING_CERT=$SP_CREDENTIALS/sign.crt
|
||||
|
||||
export SP_ENCRYPTION_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
export SP_ENCRYPTION_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
#export SP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
|
||||
#export SP_ENCRYPTION_PKCS11_PIN=$PKCS11_PIN
|
||||
#export SP_ENCRYPTION_CERT=$SP_CREDENTIALS/enc.crt
|
||||
#export SP_ENCRYPTION_KEY="/etc/eidas-connector/credentials/connector.key"
|
||||
#export SP_ENCRYPTION_CERT="/etc/eidas-connector/credentials/connector.crt"
|
||||
export SP_ENCRYPTION_PKCS11_ALIAS=sc_eidas_encrypt
|
||||
export SP_ENCRYPTION_PKCS11_PIN=$PKCS11_PIN
|
||||
export SP_ENCRYPTION_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
||||
export SP_ENCRYPTION_CERT=$SP_CREDENTIALS/enc.crt
|
||||
|
||||
export SP_METADATA_SIGNING_KEY="/etc/eidas-connector/credentials/metadata.key"
|
||||
export SP_METADATA_SIGNING_CERT="/etc/eidas-connector/credentials/metadata.crt"
|
||||
#export SP_METADATA_SIGNING_PKCS11_ALIAS=swedenconnect
|
||||
#export SP_METADATA_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
#export SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/swedenconnect-signer.crt
|
||||
#export SP_METADATA_SIGNING_KEY="/etc/eidas-connector/credentials/metadata.key"
|
||||
#export SP_METADATA_SIGNING_CERT="/etc/eidas-connector/credentials/metadata.crt"
|
||||
export SP_METADATA_SIGNING_PKCS11_ALIAS=swedenconnect
|
||||
export SP_METADATA_SIGNING_PKCS11_PIN=$PKCS11_PIN
|
||||
export SP_METADATA_SIGNING_PKCS11_CFG="/etc/eidas-connector/credentials/pkcs11.cfg"
|
||||
export SP_METADATA_SIGNING_CERT=$SP_CREDENTIALS/swedenconnect-signer.crt
|
||||
|
||||
# Tomcat settings
|
||||
export TOMCAT_CREDENTIALS=/etc/eidas-connector/credentials/tomcat
|
||||
export TOMCAT_TLS_SERVER_KEY=$TOMCAT_CREDENTIALS/tomcat-key.pem
|
||||
export TOMCAT_TLS_SERVER_CERTIFICATE=$TOMCAT_CREDENTIALS/tomcat-cert.pem
|
||||
export TOMCAT_TLS_SERVER_CERTIFICATE_CHAIN=$TOMCAT_CREDENTIALS/tomcat-chain.pem
|
||||
export TOMCAT_INTERNAL_PROXIES='"10\.\d{1,3}\.\d{1,3}\.\d{1,3}\|192\.168\.\d{1,3}\.\d{1,3}\|169\.254\.\d{1,3}\.\d{1,3}\|127\.\d{1,3}\.\d{1,3}\.\d{1,3}\|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}\|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}\|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}\|130\.242\.125\.\d{1,3}\|81\.236\.48\.\d{1,3}"'
|
||||
|
||||
FEDERATION_METADATA_URL=https://md.swedenconnect.se/entities
|
||||
FEDERATION_METADATA_VALIDATION_CERT=/etc/eidas-connector/credentials/swedenconnect-signer.crt
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
<variable name="idp.loglevel.spring" value="ERROR" />
|
||||
<variable name="idp.loglevel.container" value="ERROR" />
|
||||
<variable name="idp.loglevel.xmlsec" value="ERROR" />
|
||||
<variable name="se.elegnamnden.eidas.pkcs11" value="INFO" />
|
||||
<variable name="se.elegnamnden.eidas.pkcs11" value="DEBUG" />
|
||||
|
||||
<!--
|
||||
It is also possible to add loggers and even appenders in this override file.
|
||||
|
|
|
|||
|
|
@ -570,7 +570,7 @@ md-eu1.qa.komreg.net:
|
|||
konsulter:
|
||||
autoupdate:
|
||||
eidas_connector:
|
||||
version: 1.3.5
|
||||
version: 1.3.6
|
||||
hostname: connector.eidas.swedenconnect.se
|
||||
sunet::frontend::register_sites:
|
||||
sites:
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue