diff -ur security/p5-openxpki.orig/Makefile security/p5-openxpki/Makefile
--- security/p5-openxpki.orig/Makefile	2015-05-07 22:24:15.000000000 +0200
+++ security/p5-openxpki/Makefile	2015-05-15 23:23:41.309345000 +0200
@@ -2,7 +2,8 @@
 # $FreeBSD: head/security/p5-openxpki/Makefile 385665 2015-05-07 20:24:15Z mat $
 
 PORTNAME=	openxpki
-PORTVERSION=	0.27.0.1
+PORTVERSION=	0.28.0
+DISTVERSIONPREFIX=	v
 CATEGORIES=	security perl5
 PKGNAMEPREFIX=	p5-
 
@@ -12,6 +13,7 @@
 LICENSE=	APACHE20
 
 BUILD_DEPENDS=	\
+	p5-Net-DNS>0.83:${PORTSDIR}/dns/p5-Net-DNS \
 	p5-Math-BigInt>=1.9993:${PORTSDIR}/math/p5-Math-BigInt \
 	p5-Test-Prereq>=0:${PORTSDIR}/devel/p5-Test-Prereq \
 	p5-Config-GitLike>=0:${PORTSDIR}/devel/p5-Config-GitLike \
@@ -71,8 +73,6 @@
 	p5-openxpki-client-html-mason-[0-9]*
 
 USE_GITHUB=	yes
-GH_TAGNAME=	5a4c5eb
-
 USE_OPENSSL=	yes
 USE_PERL5=	configure
 USES=		gmake perl5
@@ -92,7 +92,7 @@
 			${LOCALBASE}/bin/imgsize:${PORTSDIR}/graphics/p5-Image-Size
 
 post-patch:
-	@${REINPLACE_CMD} -e 's|..vergen --format version.|"${PORTVERSION:R}"|g' ${WRKSRC}/Makefile.PL
+	@${REINPLACE_CMD} -e 's|..vergen --format version.|"${PORTVERSION}"|g' ${WRKSRC}/Makefile.PL
 	@${RM} -f ${WRKSRC}/Makefile.PL.bak
 	@( \
 	cd ${WRKSRC}/../..; \
@@ -106,17 +106,22 @@
 	@${MKDIR} ${WRKSRC}/t/var/log/openxpki
 
 post-stage:
-	@${MKDIR} ${STAGEDIR}/var/openxpki
 	@${MKDIR} ${STAGEDIR}/var/openxpki/session
 	@${MKDIR} ${STAGEDIR}/var/log/openxpki
 	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/openxpki
 
-#pre-install:	test
-
 .include <bsd.port.pre.mk>
 
+.if defined(WITH_OPENSSL_PORT) && defined(OPENSSL_PORT) && ${OPENSSL_PORT} == security/libressl
+IGNORE=	this version of OpenXPKI is not fully functional with LibreSSL library, use OpenSSL instead
+.endif
+
+OXLIB=	${STAGEDIR}${PREFIX}/${SITE_ARCH_REL}/auto/OpenXPKI/OpenXPKI.so
+
 post-install:
-	@${STRIP_CMD} ${STAGEDIR}${PREFIX}/${SITE_ARCH_REL}/auto/OpenXPKI/OpenXPKI.so
+	${CHMOD} u+w ${OXLIB}
+	${STRIP_CMD} ${OXLIB}
+	${CHMOD} u-w ${OXLIB}
 	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
 	@(cd ${WRKSRC}/../../config && ${COPYTREE_SHARE} . ${STAGEDIR}${EXAMPLESDIR})
 .	if ${PORT_OPTIONS:MDOCS}
diff -ur security/p5-openxpki.orig/distinfo security/p5-openxpki/distinfo
--- security/p5-openxpki.orig/distinfo	2015-05-07 22:24:15.000000000 +0200
+++ security/p5-openxpki/distinfo	2015-05-08 01:43:50.874811000 +0200
@@ -1,2 +1,2 @@
-SHA256 (openxpki-openxpki-0.27.0.1-5a4c5eb_GH0.tar.gz) = 5fa95dfd28d141cd506e6927faf9adc9f2496e523b2da90e8ee05bcaf6f66f4f
-SIZE (openxpki-openxpki-0.27.0.1-5a4c5eb_GH0.tar.gz) = 2094261
+SHA256 (openxpki-openxpki-v0.28.0_GH0.tar.gz) = d2204ba3c3abb30e5ba2eb5c78ba8c9da651d9616774a796c4c52b02e03ec989
+SIZE (openxpki-openxpki-v0.28.0_GH0.tar.gz) = 2077300
diff -ur security/p5-openxpki.orig/files/pkg-message.in security/p5-openxpki/files/pkg-message.in
--- security/p5-openxpki.orig/files/pkg-message.in	2014-11-16 13:25:30.000000000 +0100
+++ security/p5-openxpki/files/pkg-message.in	2015-05-08 08:41:20.071516000 +0200
@@ -1,29 +1,30 @@
 ==================================================================
-- Universal server building block (OpenXPKI) for arbitrary PKI installed. 
-- SCEP prerequisite binary and i18n tools for UI installed.
+- Universal server building block (OpenXPKI) for arbitrary PKI: installed. 
+- SCEP prerequisite binary and i18n tools for UI: installed.
 - Enable utf8 locale (e.g. en_US.utf8) for the translation staff to operate
   (translation is needed even for English language).
 - Install your favorite database (enable utf8 support), 
   e.g. databases/mysql56-server
-  Install perl interface for your favorite database, 
+- Install perl interface for your favorite database, 
   e.g. databases/p5-DBD-mysql
 - Install your favorite web server.
   This port has created user:group as openxpki:openxpki
   Add a line: "User openxpki" to configuration of your OpenXPKI-related 
   web server. Choose from two versions of the handler: based on CGI or FastCGI
   perl core modules.
-- Perform deployment procedure for OpenXPKI in a regular way, 
-  without this OpenXPKI server would not start.
+- Perform deployment procedure (define a role of the server inside the PKI
+  infrastructure) for OpenXPKI server in a regular way, 
+  without this procedure OpenXPKI server would not start.
+  E.g. if you want your server to act as the simplest CA, 
+  then copy sample configuration for this case with 
+    cp -R %%EXAMPLESDIR%%/openxpki/* %%PREFIX%%/etc/openxpki/
+  and follow advice at:
+  https://openxpki.readthedocs.org/en/latest/quickstart.html
 - Start daemons in this order:
     database server,
     OpenXPKI server (%%PREFIX%%/etc/rc.d/openxpki start),
     web server.
 - Docs installed (if you opted so) into %%DOCSDIR%%
-- If you want your PKI server to act as the simplest CA, 
-  then copy sample configuration for this case with 
-    cp -R %%EXAMPLESDIR%%/openxpki/* %%PREFIX%%/etc/openxpki/
-  and follow advice at:
-  https://openxpki.readthedocs.org/en/latest/quickstart.html
 - Mind FreeBSD specific file structure:
     %%PREFIX%%/etc/openxpki: server configuration, logs configuration.
     /var/openxpki: pid file, socket file, ...
diff -ur security/p5-openxpki.orig/pkg-descr security/p5-openxpki/pkg-descr
--- security/p5-openxpki.orig/pkg-descr	2014-11-16 13:25:30.000000000 +0100
+++ security/p5-openxpki/pkg-descr	2015-05-08 07:09:23.695483000 +0200
@@ -1,3 +1,4 @@
-Perl based trustcenter software for PKI: universal server building block
+Perl based trustcenter software for private key infrastructure (PKI):
+universal server building block
 
 WWW: http://www.openxpki.org
diff -ur security/p5-openxpki.orig/pkg-plist security/p5-openxpki/pkg-plist
--- security/p5-openxpki.orig/pkg-plist	2015-03-16 11:52:01.000000000 +0100
+++ security/p5-openxpki/pkg-plist	2015-05-08 06:47:27.420034000 +0200
@@ -10,6 +10,7 @@
 %%SITE_ARCH%%/OpenXPKI/Client/Simple.pm
 %%SITE_ARCH%%/OpenXPKI/Client/UI.pm
 %%SITE_ARCH%%/OpenXPKI/Client/UI/Bootstrap.pm
+%%SITE_ARCH%%/OpenXPKI/Client/UI/Bulk.pm
 %%SITE_ARCH%%/OpenXPKI/Client/UI/Certificate.pm
 %%SITE_ARCH%%/OpenXPKI/Client/UI/Crl.pm
 %%SITE_ARCH%%/OpenXPKI/Client/UI/Handle/Profile.pm
@@ -237,6 +238,7 @@
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Activity/Tools/RenderSubject.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Activity/Tools/RetrieveCertificate.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Activity/Tools/RevokeCertificate.pm
+%%SITE_ARCH%%/OpenXPKI/Server/Workflow/Activity/Tools/SetAttribute.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Activity/Tools/SetContext.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Activity/Tools/SetErrorCode.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Activity/Tools/SetSource.pm
@@ -286,6 +288,7 @@
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Persister/DBI/SequenceId.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Persister/Null.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Stub.pm
+%%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/ApprovalSignature.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/Bulk.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/CertIdentifierExists.pm
@@ -293,6 +296,7 @@
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/CertRole.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/CertSubject.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/CertSubjectAltNameParts.pm
+%%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/CertSubjectFields.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/CertSubjectParts.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/Connector.pm
 %%SITE_ARCH%%/OpenXPKI/Server/Workflow/Validator/Creator.pm
@@ -323,6 +327,7 @@
 %%SITE_ARCH%%/OpenXPKI/Service/SCEP/Command/PKIOperation.pm
 %%SITE_ARCH%%/OpenXPKI/Template.pm
 %%SITE_ARCH%%/OpenXPKI/Template/Plugin/Certificate.pm
+%%SITE_ARCH%%/OpenXPKI/Template/Plugin/CheckDNS.pm
 %%SITE_ARCH%%/OpenXPKI/Template/Plugin/RandomPassword.pm
 %%SITE_ARCH%%/OpenXPKI/Test/More.pm
 %%SITE_ARCH%%/OpenXPKI/Tests.pm
@@ -340,6 +345,7 @@
 %%PERL5_MAN3%%/OpenXPKI::Client::SCEP.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Client::Simple.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Client::UI.3.gz
+%%PERL5_MAN3%%/OpenXPKI::Client::UI::Bulk.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Client::UI::Certificate.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Client::UI::Crl.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Client::UI::Home.3.gz
@@ -551,6 +557,7 @@
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Activity::Tools::RenderSubject.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Activity::Tools::RetrieveCertificate.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Activity::Tools::RevokeCertificate.3.gz
+%%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Activity::Tools::SetAttribute.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Activity::Tools::SetContext.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Activity::Tools::SetErrorCode.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Activity::Tools::SetSource.3.gz
@@ -597,6 +604,7 @@
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Persister::DBI.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Persister::DBI::SequenceId.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Persister::Null.3.gz
+%%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::ApprovalSignature.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::Bulk.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::CertIdentifierExists.3.gz
@@ -604,6 +612,7 @@
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::CertRole.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::CertSubject.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::CertSubjectAltNameParts.3.gz
+%%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::CertSubjectFields.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::CertSubjectParts.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::Connector.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Server::Workflow::Validator::Creator.3.gz
@@ -632,7 +641,9 @@
 %%PERL5_MAN3%%/OpenXPKI::Service::SCEP::Command::GetCACert.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Service::SCEP::Command::GetNextCACert.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Service::SCEP::Command::PKIOperation.3.gz
+%%PERL5_MAN3%%/OpenXPKI::Template.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Template::Plugin::Certificate.3.gz
+%%PERL5_MAN3%%/OpenXPKI::Template::Plugin::CheckDNS.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Template::Plugin::RandomPassword.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Test::More.3.gz
 %%PERL5_MAN3%%/OpenXPKI::Tests.3.gz
@@ -685,19 +696,6 @@
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/graffle/workflow_enrollment.graffle
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/graffle/workflow_ogflow.graffle
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/README.md
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_activity.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_activity_certificate_revocation_request.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_activity_certificate_signing_request.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_activity_nice.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_condition.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_condition_acl.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_condition_nice.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_def_certificate_revocation_request.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_def_certificate_signing_request.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_validator.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_validator_certificate_revocation_request.xml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/_workflow/workflow_validator_certificate_signing_request.xml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/auth/connector.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/auth/handler.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/auth/roles.yaml
@@ -714,7 +712,32 @@
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/I18N_OPENXPKI_PROFILE_USER.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/default.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/sample.yaml
-%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/c.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/cn.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/comment.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/dc.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/department.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/email.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/hostname.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/hostname2.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/o.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/ou.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/port.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/realname.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/requestor_affiliation.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/requestor_email.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/requestor_gname.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/requestor_name.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/requestor_phone.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/sample.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/san_dns.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/san_guid.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/san_ipv4.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/san_rid.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/san_upn.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/san_uri.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/userid.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/profile/template/username.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/publishing.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/scep/scep-server-1.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/uicontrol/Anonymous.yaml
@@ -741,6 +764,7 @@
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/action/skip.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/condition/is_batch_mode.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/field/cert_identifier.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/field/cert_info.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/field/cert_subject.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/field/cert_subject_alt_name.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/field/comment.yaml
@@ -753,6 +777,10 @@
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/field/pkcs10.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/field/reason_code.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/validator/cert_identifier_exists.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/validator/cert_info_parts.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/validator/cert_san_parts.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/validator/cert_subject_parts.yaml
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/validator/key_reuse.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/global/validator/validity_window.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/realm/ca-one/workflow/persister.yaml
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/openxpki/config.d/system/crypto.yaml