147 lines
5.1 KiB
RPMSpec
147 lines
5.1 KiB
RPMSpec
Summary: Dogtag Public Key Infrastructure (PKI) Suite
|
|
Name: dogtag-pki
|
|
%if 0%{?rhel}
|
|
Version: 10.6.0
|
|
Release: 0.3%{?_timestamp}%{?_commit}%{?dist}
|
|
%else
|
|
Version: 10.6.0
|
|
Release: 0.3%{?_timestamp}%{?_commit}%{?dist}
|
|
%endif
|
|
|
|
# The entire source code is GPLv2 except for 'pki-tps' which is LGPLv2
|
|
License: GPLv2 and LGPLv2
|
|
URL: http://www.dogtagpki.org/
|
|
BuildArch: noarch
|
|
|
|
%if 0%{?fedora} || 0%{?rhel} > 7
|
|
%global with_python3 1
|
|
%else
|
|
%global with_python3 0
|
|
%endif
|
|
|
|
%define dogtag_pki_theme_version %{version}
|
|
%if 0%{?fedora} >= 27 || 0%{?rhel} > 7
|
|
%define esc_version 1.1.1
|
|
%else
|
|
%define esc_version 1.1.0
|
|
%endif
|
|
# NOTE: The following package versions are TLS compliant:
|
|
%if 0%{?rhel}
|
|
%define pki_core_rhel_version 10.5.1
|
|
%define pki_core_rhcs_version %{version}
|
|
%else
|
|
%define pki_core_version %{version}
|
|
%endif
|
|
%define pki_console_version %{version}
|
|
|
|
%if 0%{?fedora} >= 27 || 0%{?rhel} > 7
|
|
# Exclude 'aarch64' and 's390x' architectures since
|
|
# 'esc' does not exist on these two platforms
|
|
ExcludeArch: aarch64 s390x
|
|
%endif
|
|
|
|
# Make certain that this 'meta' package requires the latest version(s)
|
|
# of ALL Dogtag PKI theme packages
|
|
Requires: dogtag-pki-server-theme >= %{dogtag_pki_theme_version}
|
|
Requires: dogtag-pki-console-theme >= %{dogtag_pki_theme_version}
|
|
|
|
%if 0%{?rhel}
|
|
# Make certain that this 'meta' package requires the latest version(s)
|
|
# of ALL Red Hat PKI core (RHEL) packages
|
|
Requires: pki-base >= %{pki_core_rhel_version}
|
|
Requires: pki-base-java >= %{pki_core_rhel_version}
|
|
%if 0%{?with_python3}
|
|
Requires: pki-base-python3 >= %{pki_core_rhel_version}
|
|
%endif
|
|
Requires: pki-ca >= %{pki_core_rhel_version}
|
|
Requires: pki-kra >= %{pki_core_rhel_version}
|
|
Requires: pki-server >= %{pki_core_rhel_version}
|
|
Requires: pki-symkey >= %{pki_core_rhel_version}
|
|
Requires: pki-tools >= %{pki_core_rhel_version}
|
|
|
|
# Make certain that this 'meta' package requires the latest version(s)
|
|
# of ALL Red Hat PKI core (RHCS) packages
|
|
Requires: pki-ocsp >= %{pki_core_rhcs_version}
|
|
Requires: pki-tks >= %{pki_core_rhcs_version}
|
|
Requires: pki-tps >= %{pki_core_rhcs_version}
|
|
%else
|
|
# Make certain that this 'meta' package requires the latest version(s)
|
|
# of ALL Dogtag PKI core packages
|
|
Requires: pki-base >= %{pki_core_version}
|
|
Requires: pki-base-java >= %{pki_core_version}
|
|
%if 0%{?with_python3}
|
|
Requires: pki-base-python3 >= %{pki_core_version}
|
|
%endif
|
|
Requires: pki-ca >= %{pki_core_version}
|
|
Requires: pki-kra >= %{pki_core_version}
|
|
Requires: pki-ocsp >= %{pki_core_version}
|
|
Requires: pki-server >= %{pki_core_version}
|
|
Requires: pki-symkey >= %{pki_core_version}
|
|
Requires: pki-tks >= %{pki_core_version}
|
|
Requires: pki-tools >= %{pki_core_version}
|
|
Requires: pki-tps >= %{pki_core_version}
|
|
%endif
|
|
|
|
# Make certain that this 'meta' package requires the latest version(s)
|
|
# of Dogtag PKI console
|
|
Requires: pki-console >= %{pki_console_version}
|
|
|
|
# Make certain that this 'meta' package requires the latest version(s)
|
|
# of ALL Dogtag PKI clients
|
|
Requires: esc >= %{esc_version}
|
|
|
|
%description
|
|
The Dogtag Public Key Infrastructure (PKI) Suite is comprised of the following
|
|
five subsystems and a client (for use by a Token Management System):
|
|
|
|
* Certificate Authority (CA)
|
|
* Key Recovery Authority (KRA)
|
|
* Online Certificate Status Protocol (OCSP) Manager
|
|
* Token Key Service (TKS)
|
|
* Token Processing System (TPS)
|
|
* Enterprise Security Client (ESC)
|
|
|
|
Additionally, it provides a console GUI application used for server and
|
|
user/group administration of CA, KRA, OCSP, and TKS, as well as various
|
|
command-line tools used to assist with a PKI deployment.
|
|
|
|
To successfully deploy instances of a CA, KRA, OCSP, TKS, or TPS,
|
|
a Tomcat Web Server must be up and running locally on this machine.
|
|
|
|
To meet the database storage requirements of each CA, KRA, OCSP, TKS, or TPS
|
|
instance, a 389 Directory Server must be up and running either locally on
|
|
this machine, or remotely over the attached network connection.
|
|
|
|
Finally, although they are no longer supplied by this 'meta' package,
|
|
javadocs are available for both JSS (jss-javadoc) and portions of
|
|
the Dogtag PKI API (pki-javadoc).
|
|
|
|
NOTE: As a convenience for standalone deployments, this 'dogtag-pki'
|
|
top-level meta package supplies Dogtag themes for use by the
|
|
certificate server packages:
|
|
|
|
* dogtag-pki-theme (Dogtag Certificate System deployments)
|
|
* dogtag-pki-server-theme
|
|
* dogtag-pki-console-theme
|
|
|
|
%prep
|
|
cat > README <<EOF
|
|
This package is just a "meta-package" whose dependencies pull in all of the
|
|
packages comprising the Dogtag Public Key Infrastructure (PKI) Suite.
|
|
EOF
|
|
|
|
%files
|
|
%defattr(-,root,root,-)
|
|
%doc README
|
|
|
|
%changelog
|
|
* Mon Apr 9 2018 Dogtag PKI Team <pki-devel@redhat.com> - 10.6.0-0.4
|
|
- Updated project URL
|
|
|
|
* Thu Mar 29 2018 Dogtag PKI Team <pki-devel@redhat.com> - 10.6.0-0.3
|
|
- Rebased to PKI 10.6.0 beta2
|
|
|
|
* Thu Mar 15 2018 Dogtag PKI Team <pki-devel@redhat.com> - 10.6.0-0.2
|
|
- Rebased to PKI 10.6.0 beta
|
|
|