Ctrl+K

Overview

Overview#

Each PKI subsystem has a corresponding web application which contains:

  • HTML pages which contains texts, JavaScript codes, page layout, CSS formatting, etc.

  • web.xml which defines servlets, paths, security constraints, etc.

  • links to PKI libraries

The subsystem web applications are deployed using context files located in /var/lib/pki/pki-tomcat/conf/Catalina/localhost/ca.xml:

<Context docBase="/usr/share/pki/ca/webapps/ca" crossContext="true" allowLinking="true">
``    …``

The docBase points to the location of the default web application folder in /usr/share/pki.

Creating Custom Web Application#

There are two ways to create a custom web application from the default one:

  • deep copy

  • shallow copy

Deep copy#

To create a deep copy of the web application, copy the web application folder into the instance’s webapps folder:

$ cp -r /usr/share/pki/ca/webapps/ca`` /var/lib/pki/\ ``pki-tomcat/webapps
$ chown -R pkiuser.pkiuser /var/lib/pki/pki-tomcat/webapps/ca

Shallow copy#

To create a shallow copy of the web application, create a folder in the instance’s webapps folder, copy only the files that need to be customized, then create links for the other files/folders. For example, to customize web.xml:

$ mkdir -p /var/lib/pki/pki-tomcat/webapps/ca
$ cd /var/lib/pki/pki-tomcat/webapps/ca
$ ln -s /usr/share/pki/ca/webapps/ca/* .
$ rm -f WEB-INF
$ mkdir WEB-INF
$ ln -s /usr/share/pki/ca/webapps/ca/WEB-INF/* WEB-INF
$ rm -f WEB-INF/web.xml
$ cp /usr/share/pki/ca/webapps/ca/WEB-INF/web.xml WEB-INF
$ chown -R pkiuser.pkiuser .

Configuring Web Application Context#

To use the customized web application, change the docBase in /var/lib/pki/pki-tomcat/conf/Catalina/localhost/ca.xml to point to the custom web application folder relative from the webapps folder:

<Context docBase="ca" crossContext="true" allowLinking="true">
``    …``

The change will be effective immediately. There is no need to restart the server.

Upgrading Custom PKI Subsystem#

See Upgrading Custom PKI Subsystem.

Removing Custom PKI Subsystem#

To remove the custom web application simply revert the docBase and delete the custom web application folder:

$ rm -rf /var/lib/pki/pki-tomcat/webapps/ca

See Also#

Contents