The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
This issue was migrated from Pagure Issue #2358. Originally filed by edewata (@edewata) on 2016-06-13 21:48:55:
Assigned to nobody
The current KRA connector CLIs do not clarify the distinction between KRA connector and host, which makes them rather confusing to use and may limit the usage:
- pki ca-kraconnector-show displays the connector configuration that may contain multiple hosts
- pki ca-kraconnector-add --input-file creates a new connector with the provided configuration, but there can only be at most one connector
- pki ca-kraconnector-add --host --port adds a host into the connector, if it exists, and it doesn't create a new connector
- pki ca-kraconnector-del --host --port removes a host from the connector, if it exists, but if it's the last host it will remove the connector too
To simplify the usage, the KRA connector should always exist in CA, but it's disabled initially. Then a set of CLIs can be provided to manage the connector:
- pki ca-kraconnector-show displays the connector configuration
- pki ca-kraconnector-mod modifies the connector configuration (e.g. changing transport cert)
- pki ca-kraconnector-enable enables the connector
- pki ca-kraconnector-disable disables the connector
and another set to manage the hosts:
- pki ca-kraconnector-host-find lists all hosts in the connector
- pki ca-kraconnector-host-add adds a host into the connector
- pki ca-kraconnector-host-del removes a host from the connector
During installation the pkispawn may need to invoke several commands to configure the connector and add the new host.
The new CLIs will also be more useful to troubleshoot installation issues and fine-tune the configuration post installation.