diff options
author | Ade Lee <alee@redhat.com> | 2012-11-02 16:44:47 -0400 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2012-11-04 22:13:21 -0500 |
commit | a80e994148a81914858f82b14af5fad90e12533d (patch) | |
tree | 4d82f4024ef55571053c2446a4b49cca86a1fd7b | |
parent | db9537d210a20b90115374e5b406db6c9658bc3a (diff) | |
download | pki-a80e994148a81914858f82b14af5fad90e12533d.tar.gz pki-a80e994148a81914858f82b14af5fad90e12533d.tar.xz pki-a80e994148a81914858f82b14af5fad90e12533d.zip |
Convert admin cert from ascii to binary before importing into certdb
Sometimes importing the ascii admin cert into th client certdb fails.
The binary always appears to work though.
-rw-r--r-- | base/deploy/src/scriptlets/pkijython.py | 19 | ||||
-rw-r--r-- | base/deploy/src/scriptlets/pkimessages.py | 1 |
2 files changed, 17 insertions, 3 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index 6f71cb88b..4321e0a2a 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -581,11 +581,18 @@ class rest_client: admin_cert_file = os.path.join( master['pki_client_dir'], master['pki_client_admin_cert']) + admin_cert_bin_file = admin_cert_file + ".der" javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_SAVE +\ " " + "'" + admin_cert_file + "'") FILE = open(admin_cert_file, "w") FILE.write(admin_cert) FILE.close() + # convert the cert file to binary + command = "AtoB "+ admin_cert_file + " " + admin_cert_bin_file + javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_ATOB +\ + " " + "'" + command + "'") + os.system(command) + # Since Jython runs under Java, it does NOT support the # following operating system specific command: # @@ -594,11 +601,18 @@ class rest_client: # config.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS) # # Emulate it with a system call. - command = "chmod" + " " + "660" + " " + admin_cert_file + command = "chmod" + " 660 " + admin_cert_file javasystem.out.println( log.PKI_JYTHON_CHMOD +\ " " + "'" + command + "'") os.system(command) + + command = "chmod" + " 660 " + admin_cert_bin_file + javasystem.out.println( + log.PKI_JYTHON_CHMOD +\ + " " + "'" + command + "'") + os.system(command) + # Import the Administration Certificate # into the client NSS security database command = "certutil" + " " +\ @@ -613,9 +627,8 @@ class rest_client: master['pki_client_password_conf'] + " " +\ "-d" + " " +\ master['pki_client_database_dir'] + " " +\ - "-a" + " " +\ "-i" + " " +\ - admin_cert_file + admin_cert_bin_file javasystem.out.println( log.PKI_JYTHON_ADMIN_CERT_IMPORT +\ " " + "'" + command + "'") diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py index cce2e8f0e..becbea63e 100644 --- a/base/deploy/src/scriptlets/pkimessages.py +++ b/base/deploy/src/scriptlets/pkimessages.py @@ -282,6 +282,7 @@ PKI_JYTHON_ADMIN_CERT_EXPORT = "exporting Admin Certificate from "\ PKI_JYTHON_ADMIN_CERT_IMPORT = "importing Admin Certificate into "\ "NSS client security database:" PKI_JYTHON_ADMIN_CERT_SAVE = "saving Admin Certificate to file:" +PKI_JYTHON_ADMIN_CERT_ATOB = "converting Admin Certificate to binary:" PKI_JYTHON_CDATA_TAG = "tag:" PKI_JYTHON_CDATA_CERT = "cert:" PKI_JYTHON_CDATA_REQUEST = "request:" |