Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help


       This class publishes a single certificate based on the publishing
       information associated with the certificate profile or a	given prefix.
       The certificate is identified by	the parameter cert_identifier which
       can be set in the action	definition. If unset, the class	falls back to
       the context value of cert_identifier.

       The publishing information is read from the connector at
       profile.<profile	name>.publish which must be a list of names (scalar is
       also ok). If the	node does not exists, profile.default.publish is used.
       Each name is expanded to	the path publishing.entity.<name> which	must
       be a connector reference. The publication target	is taken from the
       parameter publish_key or	defaults to the	certificates common name (CN
       attribute parsed	from the final subject). The data portion contains a
       hash ref	with the keys pem, der and subject (full dn of the cert).
       Note: if	the evaluation of publish_key is empty but defined, the
       publication is stopped.

       To use profile independant publication, specify the parameter prefix
       which must point	to a scalar/list of connector references.

       Set the wanted connector	names in the certificates profile:

	   - extldap
	   - exthttp

       Define the connector references and implementations in publishing.yaml

	     extldap@: connector: publishing.connectors.ext-ldap
	     exthttp@: connector: publishing.connectors.ext-http

	     class: Connector::Proxy::Net::LDAP::Single
	     LOCATION: ldap://localhost:389

   Activity parameters
	   Enables publishing to a fixed set of	connectors, disables per
	   profile settings.

	   Set the identifier of the cert to publish, optional,	default	is the
	   value of the	context	key cert_identifier.

	   The value to	be used	as key for the publication call, optional.
	   E.g.	to publish using the context value with	key "user_email" set
	   this	to "$user_email".

	   Boolean, if set the full context is passed to the connector in the
	   third argument.

	   Define what to do on	problems with the publication connectors. One

	   exception (default)
	       The connector exception bubbles up and the workflow terminates.

	       Skip the	publication target and continue	with the next one.

	       Similar to skip,	but failed targets are added to	a queue. As
	       long as the queue is not	empty, pause/wake_up is	used to	retry
	       those targets with the retry parameters set. This obvioulsy
	       requires	retry_count to be set.

perl v5.24.1OpenXPKI::Server::Workflow::Activity::Tools::PublishCertificate(3)

Name | Description | Configuration

Want to link to this manual page? Use this URL:

home | help