48 lines
11 KiB
Bash
Executable file
48 lines
11 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
set -x
|
|
|
|
cat<<EOF
|
|
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
|
<CoreConfiguration xmlns="http:/www.bos_bremen.de/2009/06/eID-Server-CoreConfig">
|
|
<ServerUrl>https://${PUBLIC_HOSTNAME}/eidas-middleware</ServerUrl>
|
|
<sessionManagerUsesDatabase>true</sessionManagerUsesDatabase>
|
|
<sessionMaxPendingRequests>500</sessionMaxPendingRequests>
|
|
<certificateWarningMargin>200</certificateWarningMargin>
|
|
<TimerConfiguration>
|
|
<certRenewal length="2" unit="11"/>
|
|
<blacklistRenewal length="2" unit="11"/>
|
|
<masterAndDefectListRenewal length="2" unit="11"/>
|
|
</TimerConfiguration>
|
|
<ServiceProvider entityID="qa-se-de-middleware" enabled="true">
|
|
<EPAConnectorConfiguration updateCVC="true">
|
|
<CVCRefID>qa-se-de-middleware</CVCRefID>
|
|
<PkiConnectorConfiguration>
|
|
<blackListTrustAnchor>MIIGqjCCBJKgAwIBAgIIas94+G4kaTEwDQYJKoZIhvcNAQENBQAwWDEgMB4GA1UEAwwXR292ZXJuaWt1cyBSb290IENBIDQ6UE4xFjAUBgNVBAoMDUdvdmVybmlrdXMgS0cxDzANBgNVBAcMBkJyZW1lbjELMAkGA1UEBhMCREUwHhcNMjAwMzIzMTAwMzI1WhcNMzUwMzIwMTAwMzI1WjBsMRwwGgYDVQQDDBNHb3Zlcm5pa3VzIENBIDEyOlBOMRYwFAYDVQQLDA1Hb3Zlcm5pa3VzIENBMRYwFAYDVQQKDA1Hb3Zlcm5pa3VzIEtHMQ8wDQYDVQQHDAZCcmVtZW4xCzAJBgNVBAYTAkRFMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwXI//LJjA/WpmpQXFfWVsHUwD2UeeUIZyZt5jLto/+CBBDdlz09LY/Qr82ccJ51wjDszE2ubylSH6V1zMxbOwV+rVH65l4e6YkXuS1h/mJVRMg1hu8/yvlt0qtdUIzso4kKXpY2zc/5rBg0l4rZCo48OddX4a9zdxfHcqwbhpqlDw2E13VTK+zd65Y9hYKscdPzK0ZwEgFrH4LjtT+fjntwuj67gwQYrJZO+mvjBn3JGDKyKfHeJXpCU9pUn5Vn7vpisGg5JVrvQ0JIx7whVy5Xk5hcqxtCR0XAQOLp15W3Pwlmnj7m4zUZMUKM61nXM9s3zc43T+90IsC6MosKlV9ryJ57CbNlnHrKZxo7srTyEgzrmvghcWdDRIGEuX28lnfHKot5L8Fg47QVkEXa/pRZN0ugjoXkiuVMEHuKGlF6EmlBv+VX5sHeips3VkrYZDjr/QD20hIB9QpBa6Z+dbdhcbpJM8s85855F7+jY6+Wh32ewl3b6vPrrWifkPNae2MGifJ6poNVEcLNioupj9e6UvoD/YC9q1nmB7hn+huzUpHT9M4p3D142imRn4JxFK03gPRGG0xsgMPJq0uyl/CXCbRpO3H6S3KkzzulVR+9h23G9scn0er4Xv1UfoZpQxElB8GsoA7ToIzmE87DpUxG1nnTQw6/KKYTpKI3fmfMCAwEAAaOCAWIwggFeMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUBBsOJUhm2JvjKvYsg2LRswyMLlcwgfoGCCsGAQUFBwEBBIHtMIHqMIGqBggrBgEFBQcwAoaBnWh0dHBzOi8vd3d3LmdvdmVybmlrdXMuZGUvZWpiY2EvcHVibGljd2ViL3dlYmRpc3QvY2VydGRpc3Q/Y21kPWNhY2VydCZpc3N1ZXI9Q04lM0RHb3Zlcm5pa3VzK1Jvb3QrQ0ErNCUzQVBOJTJDTyUzREdvdmVybmlrdXMrS0clMkNMJTNEQnJlbWVuJTJDQyUzRERFJmxldmVsPTAwOwYIKwYBBQUHMAGGL2h0dHA6Ly9wa2kuZ292ZXJuaWt1cy5jb20vcHVibGljd2ViL3N0YXR1cy9vY3NwMB0GA1UdDgQWBBQpJ+XA++2TUTyvRGYBCiV853NkWzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQADggIBACS2TiZU7kc+jkARuqSZge6OLXIDfqsdWhIDd0b5yZBpYR2ictw6NpSWcTsvY9i+Xb+z1EJhgTymaYYcWBR15rAWbOMTn32cscDgn3BHi2ZVa73yaQ11/1RS+ekkE6dP/F1VNFsk1etSVhJCA/nDws+TZ5/broqPqnxIdESwhIoewY64T+MbALgSM1MCGZPBk6+vch9TGkCA63pDkEpHCZTLofiKkgL51rjK13t5uSxrC5hhiO6Rg4CvdzbefMRS3e7j89ITFqs1aP8jGzh5Up2oMHe+Cbsp+CJmJ44MqMqamaWxT7qkYFMmTp7hLFgoKBxK6s83jFw7ucxlzDpa7G7RR0v5hxxtuX71aI7k9WZWc8v4aqmmSZPN/PwVteePnNE45nmie5JgaV+ek9puRUF9TdaZchZs3o/LpDaViagVb9GDcRvI4SNMMgWtHl6ZLbTOBwlWrkipuCFaGB6Xntj6ypIGMkq7pIYwxRAGN44qzlx0L3OBpPLKebFqZD1obdH5B+mnQzet/WXi9zqnXxGpkNEOpcK/PaUrju9CT6tt9aKITtou0i0pw+e9i7W4wHtz+HwT3BR1E+RQgtjC5+SdaVpcayPvwSqTmXiKrk5FxmgZP+HX5zT/kuhhWqSg1TMa9nMGw32c/il/EmExwU33ypimWYniyRJmJY5lXo8E</blackListTrustAnchor>
|
|
<masterListTrustAnchor>MIIEszCCBDmgAwIBAgICBEwwCgYIKoZIzj0EAwMwVTELMAkGA1UEBhMCREUxDTALBgNVBAoMBGJ1bmQxDDAKBgNVBAsMA2JzaTENMAsGA1UEBRMEMDAwNjEaMBgGA1UEAwwRVEVTVCBjc2NhLWdlcm1hbnkwHhcNMTYwODA5MTIyNDU0WhcNMzAwMjA5MjM1OTU5WjBVMQswCQYDVQQGEwJERTENMAsGA1UECgwEYnVuZDEMMAoGA1UECwwDYnNpMQ0wCwYDVQQFEwQwMDA2MRowGAYDVQQDDBFURVNUIGNzY2EtZ2VybWFueTCCAbUwggFNBgcqhkjOPQIBMIIBQAIBATA8BgcqhkjOPQEBAjEAjLkegqM4bSgPXW9+UOZB3xUvcQntVFa0ErHaGX+3ESOs06cpkB0acYdHABMxB+xTMGQEMHvDgsY9jBUMPHIICs4Fr6DCvqKOT7InhxORZe+6kfkPiqWBSlA61OsEqMfdIs4oJgQwBKjH3SLOKCaLObVUFvBEfC+3feEH3NKmLogOpT7rYtV8tDkCldvJlDq3hpb6UEwRBGEEHRxk8GjPRf+ipjqBt8E/a4hHo+d+8U/j23/K/gy9EOjoJuA0NtZGqu+HsuJH1K8eir4ddSD5wqRcseuOlc/VUmK3Cyn+7Fhk4ZwFT/mRKSgORkYhd5GBEUKCA0EmPFMVAjEAjLkegqM4bSgPXW9+UOZB3xUvcQntVFazHxZubKwEJafPOrava3/DEDuIMgLpBGVlAgEBA2IABDfwyU+90CWFVcRX/Qdmqf3nwOL8dZw/U02Nqc6bABLk4CsU6lvOBz50KwKG5TSnbnCXKc6Ml4rioT6qkNXj4oJ2xWusnRjJtPXIvm8gEt1ewwyI37cwGDypFbx+kK2CmaOCAZkwggGVMB0GA1UdDgQWBBQcDTXFf9QDqX6gnl9hAP3DCCWxLzAOBgNVHQ8BAf8EBAMCAQYwKwYDVR0QBCQwIoAPMjAxNjA4MDkxMjI0NTRagQ8yMDE5MDgwOTIzNTk1OVowFgYDVR0gBA8wDTALBgkEAH8ABwMBAQEwUQYDVR0RBEowSIEYY3NjYS1nZXJtYW55QGJzaS5idW5kLmRlhhxodHRwczovL3d3dy5ic2kuYnVuZC5kZS9jc2NhpA4wDDEKMAgGA1UEBwwBRDBRBgNVHRIESjBIgRhjc2NhLWdlcm1hbnlAYnNpLmJ1bmQuZGWGHGh0dHBzOi8vd3d3LmJzaS5idW5kLmRlL2NzY2GkDjAMMQowCAYDVQQHDAFEMBIGA1UdEwEB/wQIMAYBAf8CAQAwNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL3d3dy5ic2kuYnVuZC5kZS90ZXN0X2NzY2FfY3JsMA0GB2eBCAEBBgEEAgUAMB8GA1UdIwQYMBaAFBwNNcV/1AOpfqCeX2EA/cMIJbEvMAoGCCqGSM49BAMDA2gAMGUCMQCHS2/ZIof66Avhs980nmh1t40zWz0xwghE+wBrht5uBGhOt1ion6RDFnddS6z8x5gCMB8k4lb7D7SZVPG22EfD0K/xgyGqiqnM8P6QcvU3wjxCc427c+9DkMS6b3UAzityZQ==</masterListTrustAnchor>
|
|
<defectListTrustAnchor>MIIELTCCA7SgAwIBAgIBBDAKBggqhkjOPQQDAzBVMQswCQYDVQQGEwJERTENMAsGA1UECgwEYnVuZDEMMAoGA1UECwwDYnNpMQ0wCwYDVQQFEwQwMDA0MRowGAYDVQQDDBFURVNUIGNzY2EtZ2VybWFueTAeFw0xNTA5MjMwODU1MjZaFw0yNjAzMjMyMzU5NTlaMGAxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKDARidW5kMQwwCgYDVQQLDANic2kxDTALBgNVBAUTBDAwMDYxJTAjBgNVBAMMHFRFU1QgQ1NDQSBEZWZlY3QgTGlzdCBTaWduZXIwggEzMIHsBgcqhkjOPQIBMIHgAgEBMCwGByqGSM49AQECIQCp+1fboe6pvD5mCpCdg41ybjv2I9UmICggE0gdH25TdzBEBCB9Wgl1/CwwV+72dTBBev/n+4BVwSbcXGzpSktE8zC12QQgJtxcbOlKS0TzMLXZu9d8v5WEFilc9+HOa8zcGP+MB7YEQQSL0q65y35XyyxLSC/8gbevud4n4eO9I8I6RFO9ms4yYlR++DXD2sT9l/hGGhRhHcnCd0UTLe2OVFwdVMcvBGmXAiEAqftX26Huqbw+ZgqQnYONcYw5eqO1Yab3kB4OgpdIVqcCAQEDQgAEphPfzRAJDfLG1r0JpAJYgdRvKc0DacjGhbxhuEWlMRB1XpV3pKPpVHUuraDEaC4Ru8q2W4etyA4Swc8JQ6jdXaOCAYwwggGIMB8GA1UdIwQYMBaAFHD8PNdfzGkLdI7YpGbmsFvP3TmdMB0GA1UdDgQWBBSFeLqnCPkXciiQQOzwVzQDNiNWBDAOBgNVHQ8BAf8EBAMCB4AwKwYDVR0QBCQwIoAPMjAxNTA5MjMwODU1MjZagQ8yMDE4MDkyMzIzNTk1OVowFgYDVR0gBA8wDTALBgkEAH8ABwMBAQEwUQYDVR0RBEowSIEYY3NjYS1nZXJtYW55QGJzaS5idW5kLmRlhhxodHRwczovL3d3dy5ic2kuYnVuZC5kZS9jc2NhpA4wDDEKMAgGA1UEBwwBRDBRBgNVHRIESjBIgRhjc2NhLWdlcm1hbnlAYnNpLmJ1bmQuZGWGHGh0dHBzOi8vd3d3LmJzaS5idW5kLmRlL2NzY2GkDjAMMQowCAYDVQQHDAFEMBQGA1UdJQEB/wQKMAgGBmeBCAEBAzA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vd3d3LmJzaS5idW5kLmRlL3Rlc3RfY3NjYV9jcmwwCgYIKoZIzj0EAwMDZwAwZAIwPAvVTvhJuX0dIyd7Ouv0t03J2KA08JehN+RA6oVU7xvS7RbCLIcKNYqVRnC4eJrOAjB1X89X1lH/0Fq3HH1tKXw3ELw62dBrHeHGsn3kcWNXxYqr5iRobwJru3FPk5ka34s=</defectListTrustAnchor>
|
|
<policyImplementationId>govDvca</policyImplementationId>
|
|
<sslKeys id="default">
|
|
<serverCertificate> MIIJzzCCCLegAwIBAgIQFMkYM/fihYkf2zwDkIUk4zANBgkqhkiG9w0BAQsFADCB3zELMAkGA1UEBhMCREUxJTAjBgNVBAoMHFQtU3lzdGVtcyBJbnRlcm5hdGlvbmFsIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxHDAaBgNVBAgME05vcmRyaGVpbiBXZXN0ZmFsZW4xDjAMBgNVBBEMBTU3MjUwMRAwDgYDVQQHDAdOZXRwaGVuMSAwHgYDVQQJDBdVbnRlcmUgSW5kdXN0cmllc3RyLiAyMDEmMCQGA1UEAwwdVGVsZVNlYyBTZXJ2ZXJQYXNzIENsYXNzIDIgQ0EwHhcNMjAxMjIyMTM1MTI5WhcNMjExMjI3MjM1OTU5WjCBgzELMAkGA1UEBhMCREUxITAfBgNVBAoMGEdvdmVybmlrdXMgR21iSCAmIENvLiBLRzELMAkGA1UECxMCU0UxDzANBgNVBAgTBkJyZW1lbjEPMA0GA1UEBxMGQnJlbWVuMSIwIAYDVQQDExlkdmNhLXIxLmdvdmVybmlrdXMtZWlkLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApD2cLcZddztiHnWF2coJCT83OC2/qJRqgoMs+YNtWWolN0qX+0mH1l6gMiX/fn0kVOCXNRqjHG/8ljDOYgdQ/jMjllAjc31rG1pxJGpPyd9jsfD3ZsJLmsxmUgv584LIzKrJAGZ6xNRQx9i3+heo3CR0RL9U+RzoqvvgSCW9P4lQlZHdEsXy5vTV2g+diq2sYLku7AhA/qCPk2q6ybPKCHJOlmN/p1QY/g1HV0KYGzsoAXIHpqxIPMZlyfcLPtxZE2HQWyVjL4826j5QE+IuQ/4gu829uEksNw6U0cMDsyx1WtEzQmCXEhpE25IfIvASbf8qhQLVzAZA40TsTL2hotW0lPX+9J1JdayW+11g02VKreyutQ/ee3ZNM7yg2ntoOm6KnRYjerEZADuG7fFHqWHXHie+GKAMYEqKneIJjJ9CoAWuMtTSGAIPdk9MhBCwDpnUeGqFMFHnNb0RuDmlyIzdprAL40GmUVIV+eX+WfSFg2z5r4iWKN4P+3V9KNu+xUQXdpmzLNsmhNhknte1YmwgklIHgZ1oGcivTmyw9mFjOPVASrCB9CguSsJeCh17RNVjJs+seu0RQXVN12fya4vjIW6AMrUDuHKamtYHcbh9KC4JTHpN1UwrmY4bbuQwoiNRxfYZmlVQFv8QA0nyJLQqaKQq0bOrEwwHUBvWe88CAwEAAaOCBN8wggTbMB8GA1UdIwQYMBaAFJTIdEb1OrRGSCb4K8o0HlYmBBIAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFGmYca4w8aU9vhOXmrMTyPCAYA2xMGUGA1UdIAReMFwwUAYKKwYBBAG9Rw0XATBCMEAGCCsGAQUFBwIBFjRodHRwOi8vZG9jcy5zZXJ2ZXJwYXNzLnRlbGVzZWMuZGUvY3BzL3NlcnZlcnBhc3MuaHRtMAgGBmeBDAECAjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNlcnZlcnBhc3MudGVsZXNlYy5kZS9ybC9TZXJ2ZXJQYXNzX0NsYXNzXzIuY3JsMIGZBggrBgEFBQcBAQSBjDCBiTAzBggrBgEFBQcwAYYnaHR0cDovL29jc3Auc2VydmVycGFzcy50ZWxlc2VjLmRlL29jc3ByMFIGCCsGAQUFBzAChkZodHRwOi8vY3JsLnNlcnZlcnBhc3MudGVsZXNlYy5kZS9jcnQvVGVsZVNlY19TZXJ2ZXJQYXNzX0NsYXNzXzJfQ0EuY2VyMAwGA1UdEwEB/wQCMAAwJAYDVR0RBB0wG4IZZHZjYS1yMS5nb3Zlcm5pa3VzLWVpZC5kZTCCAuQGCisGAQQB1nkCBAIEggLUBIIC0ALOAHYAfT7y+I//iFVoJMLAyp5SiXkrxQ54CX8uapdomX4i8NcAAAF2irga2gAABAMARzBFAiEAvaF2YLJ/w2OQkZhQjeTtAoisXxZWYCb6QScffEsfh8oCIA3u582jShxT/LCY64Vcm4QIjy6u8Z1hsp425PfyTj/dAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAF2irgbhAAABAMARzBFAiEA9r/yo5Ukrxx7f8/xXN7AIR23NMG0xHcjywv6+86Y6KkCIAns95gErnCUwrL6YzHFDEVan4atNekpJ6mQbqYs555qAHYARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagAAAF2irgbSAAABAMARzBFAiA1mL62VSica7xmG+zdM5SW8FHLof0VV29UBSIY+xbJ3QIhAPke7rLTOSLAoheo2wH6mvxhYq0d4ktRMr9Igi/12D++AHUA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAF2irgbCQAABAMARjBEAiBQEduOkCuTscbEaIU4EkPgserY7pVVI4diuRl844mMwgIgWa8pYn4YjjT+szRQnC4MQcNIIqmOhATcdfsx+8y6GKYAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAXaKuByiAAAEAwBHMEUCIQDXIS0kgvrXdJsz7JDje1HX5MmEmk7G4h7kofWMejKdvwIgUPPTLNkOgtUAZk+LZ4R6car4JIeGc2P6Ipn7M7EDcqsAdQBc3EOS/uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAXaKuB0lAAAEAwBGMEQCIAxHwbO6WaW8XH6NJ6cwVFgbjNDj3m7UwQaH4GHoUeJwAiAmpiz925MTCmxzxHGwgrGGRqnIDbgoZ8SLkpTd7ZyNdjANBgkqhkiG9w0BAQsFAAOCAQEAZSVx0OejdS9xObK1kqlbQ4fz5cJJafr5RZWvdjjGQD4TSb2+ifalqA028JbfNH8BOzNMsSN7ZxCLDNDsJ5JO8zl4n37WMQuMH/X2OA8tfg62Rh27nFG6HM+8eELRII8i9kw9huiGuPkKByHvCBvVJyeCy73d1kfJ++BJazbYbBE2evgnKXRWPnyDNfQRvbuLnQ0Ji2vFPTupNUenzRYT6VFZcZFksB7lRfViiJyI8YPog4pJ7d71n1B7yqOf0QqgTISc1n3SjR1nCv48MxXGcc6NwSbGMo7kjQqgwJhJSFNxeiLuQnrGYw9soNtVe0Pcmve0hMGefR9T1RLK5DJZYA==</serverCertificate>
|
|
<clientCertificate>${DEMW_TLS_CLIENT_CERT}</clientCertificate>
|
|
<clientKey>${DEMW_TLS_CLIENT_KEY}</clientKey>
|
|
</sslKeys>
|
|
<terminalAuthService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/ta-service</url>
|
|
</terminalAuthService>
|
|
<restrictedIdService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/ri-service</url>
|
|
</restrictedIdService>
|
|
<passiveAuthService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/pa-service</url>
|
|
</passiveAuthService>
|
|
<dvcaCertDescriptionService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/certDesc-service</url>
|
|
</dvcaCertDescriptionService>
|
|
</PkiConnectorConfiguration>
|
|
<PaosReceiverURL>https://${PUBLIC_HOSTNAME}/eidas-middleware/paosreceiver</PaosReceiverURL>
|
|
<hoursRefreshCVCBeforeExpires>240</hoursRefreshCVCBeforeExpires>
|
|
</EPAConnectorConfiguration>
|
|
</ServiceProvider>
|
|
</CoreConfiguration>
|
|
EOF
|