48 lines
7.8 KiB
Text
48 lines
7.8 KiB
Text
#!/usr/bin/env bash
|
|
|
|
set -x
|
|
|
|
cat<<EOF
|
|
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
|
<CoreConfiguration xmlns="http:/www.bos_bremen.de/2009/06/eID-Server-CoreConfig">
|
|
<ServerUrl>https://${PUBLIC_HOSTNAME}/eidas-middleware</ServerUrl>
|
|
<sessionManagerUsesDatabase>true</sessionManagerUsesDatabase>
|
|
<sessionMaxPendingRequests>500</sessionMaxPendingRequests>
|
|
<certificateWarningMargin>200</certificateWarningMargin>
|
|
<TimerConfiguration>
|
|
<certRenewal length="2" unit="11"/>
|
|
<blacklistRenewal length="2" unit="11"/>
|
|
<masterAndDefectListRenewal length="2" unit="11"/>
|
|
</TimerConfiguration>
|
|
<ServiceProvider entityID="qa-se-de-middleware" enabled="true">
|
|
<EPAConnectorConfiguration updateCVC="true">
|
|
<CVCRefID>qa-se-de-middleware</CVCRefID>
|
|
<PkiConnectorConfiguration>
|
|
<blackListTrustAnchor>MIIGqjCCBJKgAwIBAgIIas94+G4kaTEwDQYJKoZIhvcNAQENBQAwWDEgMB4GA1UEAwwXR292ZXJuaWt1cyBSb290IENBIDQ6UE4xFjAUBgNVBAoMDUdvdmVybmlrdXMgS0cxDzANBgNVBAcMBkJyZW1lbjELMAkGA1UEBhMCREUwHhcNMjAwMzIzMTAwMzI1WhcNMzUwMzIwMTAwMzI1WjBsMRwwGgYDVQQDDBNHb3Zlcm5pa3VzIENBIDEyOlBOMRYwFAYDVQQLDA1Hb3Zlcm5pa3VzIENBMRYwFAYDVQQKDA1Hb3Zlcm5pa3VzIEtHMQ8wDQYDVQQHDAZCcmVtZW4xCzAJBgNVBAYTAkRFMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwXI//LJjA/WpmpQXFfWVsHUwD2UeeUIZyZt5jLto/+CBBDdlz09LY/Qr82ccJ51wjDszE2ubylSH6V1zMxbOwV+rVH65l4e6YkXuS1h/mJVRMg1hu8/yvlt0qtdUIzso4kKXpY2zc/5rBg0l4rZCo48OddX4a9zdxfHcqwbhpqlDw2E13VTK+zd65Y9hYKscdPzK0ZwEgFrH4LjtT+fjntwuj67gwQYrJZO+mvjBn3JGDKyKfHeJXpCU9pUn5Vn7vpisGg5JVrvQ0JIx7whVy5Xk5hcqxtCR0XAQOLp15W3Pwlmnj7m4zUZMUKM61nXM9s3zc43T+90IsC6MosKlV9ryJ57CbNlnHrKZxo7srTyEgzrmvghcWdDRIGEuX28lnfHKot5L8Fg47QVkEXa/pRZN0ugjoXkiuVMEHuKGlF6EmlBv+VX5sHeips3VkrYZDjr/QD20hIB9QpBa6Z+dbdhcbpJM8s85855F7+jY6+Wh32ewl3b6vPrrWifkPNae2MGifJ6poNVEcLNioupj9e6UvoD/YC9q1nmB7hn+huzUpHT9M4p3D142imRn4JxFK03gPRGG0xsgMPJq0uyl/CXCbRpO3H6S3KkzzulVR+9h23G9scn0er4Xv1UfoZpQxElB8GsoA7ToIzmE87DpUxG1nnTQw6/KKYTpKI3fmfMCAwEAAaOCAWIwggFeMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUBBsOJUhm2JvjKvYsg2LRswyMLlcwgfoGCCsGAQUFBwEBBIHtMIHqMIGqBggrBgEFBQcwAoaBnWh0dHBzOi8vd3d3LmdvdmVybmlrdXMuZGUvZWpiY2EvcHVibGljd2ViL3dlYmRpc3QvY2VydGRpc3Q/Y21kPWNhY2VydCZpc3N1ZXI9Q04lM0RHb3Zlcm5pa3VzK1Jvb3QrQ0ErNCUzQVBOJTJDTyUzREdvdmVybmlrdXMrS0clMkNMJTNEQnJlbWVuJTJDQyUzRERFJmxldmVsPTAwOwYIKwYBBQUHMAGGL2h0dHA6Ly9wa2kuZ292ZXJuaWt1cy5jb20vcHVibGljd2ViL3N0YXR1cy9vY3NwMB0GA1UdDgQWBBQpJ+XA++2TUTyvRGYBCiV853NkWzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQADggIBACS2TiZU7kc+jkARuqSZge6OLXIDfqsdWhIDd0b5yZBpYR2ictw6NpSWcTsvY9i+Xb+z1EJhgTymaYYcWBR15rAWbOMTn32cscDgn3BHi2ZVa73yaQ11/1RS+ekkE6dP/F1VNFsk1etSVhJCA/nDws+TZ5/broqPqnxIdESwhIoewY64T+MbALgSM1MCGZPBk6+vch9TGkCA63pDkEpHCZTLofiKkgL51rjK13t5uSxrC5hhiO6Rg4CvdzbefMRS3e7j89ITFqs1aP8jGzh5Up2oMHe+Cbsp+CJmJ44MqMqamaWxT7qkYFMmTp7hLFgoKBxK6s83jFw7ucxlzDpa7G7RR0v5hxxtuX71aI7k9WZWc8v4aqmmSZPN/PwVteePnNE45nmie5JgaV+ek9puRUF9TdaZchZs3o/LpDaViagVb9GDcRvI4SNMMgWtHl6ZLbTOBwlWrkipuCFaGB6Xntj6ypIGMkq7pIYwxRAGN44qzlx0L3OBpPLKebFqZD1obdH5B+mnQzet/WXi9zqnXxGpkNEOpcK/PaUrju9CT6tt9aKITtou0i0pw+e9i7W4wHtz+HwT3BR1E+RQgtjC5+SdaVpcayPvwSqTmXiKrk5FxmgZP+HX5zT/kuhhWqSg1TMa9nMGw32c/il/EmExwU33ypimWYniyRJmJY5lXo8E</blackListTrustAnchor>
|
|
<masterListTrustAnchor>< MIIFOzCCBJ6gAwIBAgICBLAwCgYIKoZIzj0EAwQwRjELMAkGA1UEBhMCREUxDTALBgNVBAoMBGJ1bmQxDDAKBgNVBAsMA2JzaTEaMBgGA1UEAwwRVEVTVCBjc2NhLWdlcm1hbnkwHhcNMTgxMjAzMDYzMzUwWhcNMzIwOTAzMjM1OTU5WjBGMQswCQYDVQQGEwJERTENMAsGA1UECgwEYnVuZDEMMAoGA1UECwwDYnNpMRowGAYDVQQDDBFURVNUIGNzY2EtZ2VybWFueTCCAjgwggGvBgcqhkjOPQIBMIIBogIBATBMBgcqhkjOPQEBAkEAqt2duNvpxIs/1OauM8n8B8swjbOzydIO1mOcynAzCHF9TZsAm8ZoQq7NoSrmo4DmKIH/Ly2CxoUoqmBWWDpI8zCBhARAeDCjMYtgO4niMnFFrCNMxZTL3Y09+RYQqDRByuqYY7wt7V1aqCU6oQou8cmLmsi1fxEXpyvyx7nnwaxNd/yUygRAPfkWEKg0QcrqmGO8Le1dWqglOqEKLvHJi5rItX8RF6cr8se558GsTXf8lMrcCD5nmEBQt1665d0oCb1jgBb3IwSBgQSBruS92C7ZZFohMi6cTGqThe2fcLXZFsG0O2Lu9NAJjv87H3ji0NSNUNFoe5O5fV98bVBHQGpeaIs1Igm8ufgifd44XVZjMuzA6r+pz3gi/fIJ9wAkpXsaoADFW4gfgRGy3N5JSl9IXlvKS9iKJ2Ou0corL6jwVAZ4zR4POtgIkgJBAKrdnbjb6cSLP9TmrjPJ/AfLMI2zs8nSDtZjnMpwMwhwVT5cQUypJhlBhmEZf6wQRx2x04EIXdrdtYeWgpypAGkCAQEDgYIABC6SZnzSfg27pu1RwOndsb1g2fyf1DB3E7XTZSHYUZSura1FAhGcal9Fc3GZCPqHsCP/iya+g2v6DCn0LdsK0jMDcvd0QV9hCj4dbgL1/rHp3zqB9eVxLJLgRPvmlXA8l7aGZmIkRUqriqxqSZTkJM7xc2pr+IsgaXfWRE5QcbDUo4IBmTCCAZUwHQYDVR0OBBYEFFOdsYcqrJGT12OS7oDZ5Zls+Zs7MA4GA1UdDwEB/wQEAwIBBjArBgNVHRAEJDAigA8yMDE4MTIwMzA2MzM1MFqBDzIwMjIwMjAzMjM1OTU5WjAWBgNVHSAEDzANMAsGCQQAfwAHAwEBATBRBgNVHREESjBIgRhjc2NhLWdlcm1hbnlAYnNpLmJ1bmQuZGWGHGh0dHBzOi8vd3d3LmJzaS5idW5kLmRlL2NzY2GkDjAMMQowCAYDVQQHDAFEMFEGA1UdEgRKMEiBGGNzY2EtZ2VybWFueUBic2kuYnVuZC5kZYYcaHR0cHM6Ly93d3cuYnNpLmJ1bmQuZGUvY3NjYaQOMAwxCjAIBgNVBAcMAUQwEgYDVR0TAQH/BAgwBgEB/wIBADA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vd3d3LmJzaS5idW5kLmRlL3Rlc3RfY3NjYV9jcmwwDQYHZ4EIAQEGAQQCBQAwHwYDVR0jBBgwFoAUU52xhyqskZPXY5LugNnlmWz5mzswCgYIKoZIzj0EAwQDgYoAMIGGAkEAqFl+bu61fyYn3/roYr1UH7PTUSD4C6rapXsN4lkxkoQRRTjah/u0ZGr4MFiHvKcUwGbT9tQSL9IlLl9yAz0y1AJBAIDU4qD8a4ie5YVGdUqF6BxbbssvqgfcmvCnQdjADDVaBVgdMzNy3Rn8qFsJisUNPUAtBwa8pAeVJ7o1RIYmYj4=/masterListTrustAnchor>
|
|
<defectListTrustAnchor>MIIELTCCA7SgAwIBAgIBBDAKBggqhkjOPQQDAzBVMQswCQYDVQQGEwJERTENMAsGA1UECgwEYnVuZDEMMAoGA1UECwwDYnNpMQ0wCwYDVQQFEwQwMDA0MRowGAYDVQQDDBFURVNUIGNzY2EtZ2VybWFueTAeFw0xNTA5MjMwODU1MjZaFw0yNjAzMjMyMzU5NTlaMGAxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKDARidW5kMQwwCgYDVQQLDANic2kxDTALBgNVBAUTBDAwMDYxJTAjBgNVBAMMHFRFU1QgQ1NDQSBEZWZlY3QgTGlzdCBTaWduZXIwggEzMIHsBgcqhkjOPQIBMIHgAgEBMCwGByqGSM49AQECIQCp+1fboe6pvD5mCpCdg41ybjv2I9UmICggE0gdH25TdzBEBCB9Wgl1/CwwV+72dTBBev/n+4BVwSbcXGzpSktE8zC12QQgJtxcbOlKS0TzMLXZu9d8v5WEFilc9+HOa8zcGP+MB7YEQQSL0q65y35XyyxLSC/8gbevud4n4eO9I8I6RFO9ms4yYlR++DXD2sT9l/hGGhRhHcnCd0UTLe2OVFwdVMcvBGmXAiEAqftX26Huqbw+ZgqQnYONcYw5eqO1Yab3kB4OgpdIVqcCAQEDQgAEphPfzRAJDfLG1r0JpAJYgdRvKc0DacjGhbxhuEWlMRB1XpV3pKPpVHUuraDEaC4Ru8q2W4etyA4Swc8JQ6jdXaOCAYwwggGIMB8GA1UdIwQYMBaAFHD8PNdfzGkLdI7YpGbmsFvP3TmdMB0GA1UdDgQWBBSFeLqnCPkXciiQQOzwVzQDNiNWBDAOBgNVHQ8BAf8EBAMCB4AwKwYDVR0QBCQwIoAPMjAxNTA5MjMwODU1MjZagQ8yMDE4MDkyMzIzNTk1OVowFgYDVR0gBA8wDTALBgkEAH8ABwMBAQEwUQYDVR0RBEowSIEYY3NjYS1nZXJtYW55QGJzaS5idW5kLmRlhhxodHRwczovL3d3dy5ic2kuYnVuZC5kZS9jc2NhpA4wDDEKMAgGA1UEBwwBRDBRBgNVHRIESjBIgRhjc2NhLWdlcm1hbnlAYnNpLmJ1bmQuZGWGHGh0dHBzOi8vd3d3LmJzaS5idW5kLmRlL2NzY2GkDjAMMQowCAYDVQQHDAFEMBQGA1UdJQEB/wQKMAgGBmeBCAEBAzA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vd3d3LmJzaS5idW5kLmRlL3Rlc3RfY3NjYV9jcmwwCgYIKoZIzj0EAwMDZwAwZAIwPAvVTvhJuX0dIyd7Ouv0t03J2KA08JehN+RA6oVU7xvS7RbCLIcKNYqVRnC4eJrOAjB1X89X1lH/0Fq3HH1tKXw3ELw62dBrHeHGsn3kcWNXxYqr5iRobwJru3FPk5ka34s=</defectListTrustAnchor>
|
|
<policyImplementationId>govDvca</policyImplementationId>
|
|
<sslKeys id="default">
|
|
<serverCertificate><%= @demw_tls_server_cert %></serverCertificate>
|
|
<clientCertificate><%= @demw_tls_client_cert %></clientCertificate>
|
|
<clientKey><%= @demw_tls_client_key %></clientKey>
|
|
</sslKeys>
|
|
<terminalAuthService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/ta-service</url>
|
|
</terminalAuthService>
|
|
<restrictedIdService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/ri-service</url>
|
|
</restrictedIdService>
|
|
<passiveAuthService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/pa-service</url>
|
|
</passiveAuthService>
|
|
<dvcaCertDescriptionService sslKeysId="default">
|
|
<url>https://dvca-r1.governikus-eid.de/gov_dvca/certDesc-service</url>
|
|
</dvcaCertDescriptionService>
|
|
</PkiConnectorConfiguration>
|
|
<PaosReceiverURL>https://${PUBLIC_HOSTNAME}/eidas-middleware/paosreceiver</PaosReceiverURL>
|
|
<hoursRefreshCVCBeforeExpires>240</hoursRefreshCVCBeforeExpires>
|
|
</EPAConnectorConfiguration>
|
|
</ServiceProvider>
|
|
</CoreConfiguration>
|
|
EOF
|