/usr/share/pki/java-tools/KRATool.cfg is in pki-tools 10.6.0-1ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 | kratool.ldif.caEnrollmentRequest._000=########################################
kratool.ldif.caEnrollmentRequest._001=## KRA CA Enrollment Request ##
kratool.ldif.caEnrollmentRequest._002=########################################
kratool.ldif.caEnrollmentRequest._003=## ##
kratool.ldif.caEnrollmentRequest._004=## NEVER allow 'KRATOOL' the ability ##
kratool.ldif.caEnrollmentRequest._005=## to change the CA 'naming context' ##
kratool.ldif.caEnrollmentRequest._006=## data in the following fields: ##
kratool.ldif.caEnrollmentRequest._007=## ##
kratool.ldif.caEnrollmentRequest._008=## extdata-auth--005ftoken;uid ##
kratool.ldif.caEnrollmentRequest._009=## extdata-auth--005ftoken;userid ##
kratool.ldif.caEnrollmentRequest._010=## extdata-updatedby ##
kratool.ldif.caEnrollmentRequest._011=## ##
kratool.ldif.caEnrollmentRequest._012=## NEVER allow 'KRATOOL' the ability ##
kratool.ldif.caEnrollmentRequest._013=## to change CA 'numeric' data in ##
kratool.ldif.caEnrollmentRequest._014=## the following fields: ##
kratool.ldif.caEnrollmentRequest._015=## ##
kratool.ldif.caEnrollmentRequest._016=## extdata-requestId ##
kratool.ldif.caEnrollmentRequest._017=## ##
kratool.ldif.caEnrollmentRequest._018=########################################
kratool.ldif.caEnrollmentRequest.cn=true
kratool.ldif.caEnrollmentRequest.dateOfModify=true
kratool.ldif.caEnrollmentRequest.dn=true
kratool.ldif.caEnrollmentRequest.extdata.keyRecord=true
kratool.ldif.caEnrollmentRequest.extdata.requestNotes=true
kratool.ldif.caEnrollmentRequest.requestId=true
kratool.ldif.caKeyRecord._000=#########################################
kratool.ldif.caKeyRecord._001=## KRA CA Key Record ##
kratool.ldif.caKeyRecord._002=#########################################
kratool.ldif.caKeyRecord._003=## ##
kratool.ldif.caKeyRecord._004=## NEVER allow 'KRATOOL' the ability ##
kratool.ldif.caKeyRecord._005=## to change the CA 'naming context' ##
kratool.ldif.caKeyRecord._006=## data in the following fields: ##
kratool.ldif.caKeyRecord._007=## ##
kratool.ldif.caKeyRecord._008=## archivedBy ##
kratool.ldif.caKeyRecord._009=## ##
kratool.ldif.caKeyRecord._010=#########################################
kratool.ldif.caKeyRecord.cn=true
kratool.ldif.caKeyRecord.dateOfModify=true
kratool.ldif.caKeyRecord.dn=true
kratool.ldif.caKeyRecord.privateKeyData=true
kratool.ldif.caKeyRecord.serialno=true
kratool.ldif.namingContext._000=############################################
kratool.ldif.namingContext._001=## KRA Naming Context Fields ##
kratool.ldif.namingContext._002=############################################
kratool.ldif.namingContext._003=## ##
kratool.ldif.namingContext._004=## NEVER allow 'KRATOOL' the ability to ##
kratool.ldif.namingContext._005=## change the CA 'naming context' data ##
kratool.ldif.namingContext._006=## in the following 'non-KeyRecord / ##
kratool.ldif.namingContext._007=## non-Request' fields (as these records ##
kratool.ldif.namingContext._008=## should be removed via the option to ##
kratool.ldif.namingContext._009=## process requests and key records only ##
kratool.ldif.namingContext._010=## if this is a KRA migration): ##
kratool.ldif.namingContext._011=## ##
kratool.ldif.namingContext._012=## cn ##
kratool.ldif.namingContext._013=## sn ##
kratool.ldif.namingContext._014=## uid ##
kratool.ldif.namingContext._015=## uniqueMember ##
kratool.ldif.namingContext._016=## ##
kratool.ldif.namingContext._017=## NEVER allow 'KRATOOL' the ability to ##
kratool.ldif.namingContext._018=## change the KRA 'naming context' data ##
kratool.ldif.namingContext._019=## in the following 'non-KeyRecord / ##
kratool.ldif.namingContext._020=## non-Request' fields (as these records ##
kratool.ldif.namingContext._021=## should be removed via the option to ##
kratool.ldif.namingContext._022=## process requests and key records only ##
kratool.ldif.namingContext._023=## if this is a KRA migration): ##
kratool.ldif.namingContext._024=## ##
kratool.ldif.namingContext._025=## dc ##
kratool.ldif.namingContext._026=## dn ##
kratool.ldif.namingContext._027=## uniqueMember ##
kratool.ldif.namingContext._028=## ##
kratool.ldif.namingContext._029=## NEVER allow 'KRATOOL' the ability to ##
kratool.ldif.namingContext._030=## change the TPS 'naming context' data ##
kratool.ldif.namingContext._031=## in the following 'non-KeyRecord / ##
kratool.ldif.namingContext._032=## non-Request' fields (as these records ##
kratool.ldif.namingContext._033=## should be removed via the option to ##
kratool.ldif.namingContext._034=## process requests and key records only ##
kratool.ldif.namingContext._035=## if this is a KRA migration): ##
kratool.ldif.namingContext._036=## ##
kratool.ldif.namingContext._037=## uid ##
kratool.ldif.namingContext._038=## uniqueMember ##
kratool.ldif.namingContext._039=## ##
kratool.ldif.namingContext._040=## If '-source_naming_context ##
kratool.ldif.namingContext._041=## <original source KRA naming context>' ##
kratool.ldif.namingContext._042=## and '-target_naming_context ##
kratool.ldif.namingContext._043=## <renamed target KRA naming context>' ##
kratool.ldif.namingContext._044=## options are specified, ALWAYS ##
kratool.ldif.namingContext._045=## require 'KRATOOL' to change the ##
kratool.ldif.namingContext._046=## KRA 'naming context' data in ALL of ##
kratool.ldif.namingContext._047=## the following fields in EACH of the ##
kratool.ldif.namingContext._048=## following types of records: ##
kratool.ldif.namingContext._049=## ##
kratool.ldif.namingContext._050=## caEnrollmentRequest: ##
kratool.ldif.namingContext._051=## ##
kratool.ldif.namingContext._052=## dn ##
kratool.ldif.namingContext._053=## extdata-auth--005ftoken;user ##
kratool.ldif.namingContext._054=## extdata-auth--005ftoken;userdn ##
kratool.ldif.namingContext._055=## ##
kratool.ldif.namingContext._056=## caKeyRecord: ##
kratool.ldif.namingContext._057=## ##
kratool.ldif.namingContext._058=## dn ##
kratool.ldif.namingContext._059=## ##
kratool.ldif.namingContext._060=## recoveryRequest: ##
kratool.ldif.namingContext._061=## ##
kratool.ldif.namingContext._062=## dn ##
kratool.ldif.namingContext._063=## ##
kratool.ldif.namingContext._064=## tpsKeyRecord: ##
kratool.ldif.namingContext._065=## ##
kratool.ldif.namingContext._066=## dn ##
kratool.ldif.namingContext._067=## ##
kratool.ldif.namingContext._068=## tpsNetkeyKeygenRequest: ##
kratool.ldif.namingContext._069=## ##
kratool.ldif.namingContext._070=## dn ##
kratool.ldif.namingContext._071=## ##
kratool.ldif.namingContext._072=############################################
kratool.ldif.recoveryRequest._000=#####################################
kratool.ldif.recoveryRequest._001=## KRA CA / TPS Recovery Request ##
kratool.ldif.recoveryRequest._002=#####################################
kratool.ldif.recoveryRequest.cn=true
kratool.ldif.recoveryRequest.dateOfModify=true
kratool.ldif.recoveryRequest.dn=true
kratool.ldif.recoveryRequest.extdata.requestId=true
kratool.ldif.recoveryRequest.extdata.requestNotes=true
kratool.ldif.recoveryRequest.extdata.serialnumber=true
kratool.ldif.recoveryRequest.requestId=true
kratool.ldif.tpsKeyRecord._000=#########################################
kratool.ldif.tpsKeyRecord._001=## KRA TPS Key Record ##
kratool.ldif.tpsKeyRecord._002=#########################################
kratool.ldif.tpsKeyRecord._003=## ##
kratool.ldif.tpsKeyRecord._004=## NEVER allow 'KRATOOL' the ability ##
kratool.ldif.tpsKeyRecord._005=## to change the TPS 'naming context' ##
kratool.ldif.tpsKeyRecord._006=## data in the following fields: ##
kratool.ldif.tpsKeyRecord._007=## ##
kratool.ldif.tpsKeyRecord._008=## archivedBy ##
kratool.ldif.tpsKeyRecord._009=## ##
kratool.ldif.tpsKeyRecord._010=#########################################
kratool.ldif.tpsKeyRecord.cn=true
kratool.ldif.tpsKeyRecord.dateOfModify=true
kratool.ldif.tpsKeyRecord.dn=true
kratool.ldif.tpsKeyRecord.privateKeyData=true
kratool.ldif.tpsKeyRecord.serialno=true
kratool.ldif.tpsNetkeyKeygenRequest._000=#####################################
kratool.ldif.tpsNetkeyKeygenRequest._001=## KRA TPS Netkey Keygen Request ##
kratool.ldif.tpsNetkeyKeygenRequest._002=#####################################
kratool.ldif.tpsNetkeyKeygenRequest._003=## ##
kratool.ldif.tpsNetkeyKeygenRequest._004=## NEVER allow 'KRATOOL' the ##
kratool.ldif.tpsNetkeyKeygenRequest._005=## ability to change the ##
kratool.ldif.tpsNetkeyKeygenRequest._006=## TPS 'naming context' data in ##
kratool.ldif.tpsNetkeyKeygenRequest._007=## the following fields: ##
kratool.ldif.tpsNetkeyKeygenRequest._008=## ##
kratool.ldif.tpsNetkeyKeygenRequest._009=## extdata-updatedby ##
kratool.ldif.tpsNetkeyKeygenRequest._010=## ##
kratool.ldif.tpsNetkeyKeygenRequest._011=#####################################
kratool.ldif.tpsNetkeyKeygenRequest.cn=true
kratool.ldif.tpsNetkeyKeygenRequest.dateOfModify=true
kratool.ldif.tpsNetkeyKeygenRequest.dn=true
kratool.ldif.tpsNetkeyKeygenRequest.extdata.keyRecord=true
kratool.ldif.tpsNetkeyKeygenRequest.extdata.requestId=true
kratool.ldif.tpsNetkeyKeygenRequest.extdata.requestNotes=true
kratool.ldif.tpsNetkeyKeygenRequest.requestId=true
|