Fixed exception handling in CertUtil.

The CertUtil.createLocalCert() has been modified to re-throw the
exception instead of ignoring it.

https://fedorahosted.org/pki/ticket/1654

2 files changed, 18 insertions, 14 deletions

diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
index f4cd82fcc..774ff94e3 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
@@ -453,10 +453,20 @@ public class CertUtil {
             } else {
                 keyAlgorithm = config.getString(prefix + certTag + ".keyalgorithm");
             }
+
             if (!caProvided)
                 ca = (ICertificateAuthority) CMS.getSubsystem(
                     ICertificateAuthority.ID);
+
             cr = ca.getCertificateRepository();
+
+            if (cr == null) {
+                if (context != null) {
+                    context.put("errorString", "Ceritifcate Authority is not ready to serve.");
+                }
+                throw new IOException("Ceritifcate Authority is not ready to serve.");
+            }
+
             BigInteger serialNo = cr.getNextSerialNumber();
             if (type.equals("selfsign")) {
                 CMS.debug("Creating local certificate... selfsign cert");
@@ -575,16 +585,13 @@ public class CertUtil {
             if (cert != null) {
                 CMS.debug("CertUtil createSelfSignedCert: got cert signed");
             }
-        } catch (Exception e) {
-            CMS.debug(e);
-            CMS.debug("CertUtil createLocalCert() exception caught:" + e.toString());
-        }
 
-        if (cr == null) {
-            if (context != null) {
-                context.put("errorString", "Ceritifcate Authority is not ready to serve.");
-            }
-            throw new IOException("Ceritifcate Authority is not ready to serve.");
+        } catch (IOException e) {
+            throw e;
+
+        } catch (Exception e) {
+            CMS.debug("Unable to create local certificate: " + e);
+            throw new IOException("Unable to create local certificate: " + e, e);
         }
 
         ICertRecord record = null;
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index 7aeee7e9f..e2b014f35 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -84,7 +84,6 @@ import org.mozilla.jss.crypto.EncryptionAlgorithm;
 import org.mozilla.jss.crypto.IVParameterSpec;
 import org.mozilla.jss.crypto.IllegalBlockSizeException;
 import org.mozilla.jss.crypto.InternalCertificate;
-import org.mozilla.jss.crypto.InvalidKeyFormatException;
 import org.mozilla.jss.crypto.KeyGenAlgorithm;
 import org.mozilla.jss.crypto.KeyGenerator;
 import org.mozilla.jss.crypto.KeyWrapAlgorithm;
@@ -3055,8 +3054,7 @@ public class ConfigurationUtils {
         cr.addCertificateRecord(record);
     }
 
-    public static int handleCerts(Cert cert) throws IOException, EBaseException, CertificateException,
-            NotInitializedException, TokenException, InvalidKeyException {
+    public static int handleCerts(Cert cert) throws Exception {
         String certTag = cert.getCertTag();
         String subsystem = cert.getSubsystem();
         String nickname = cert.getNickname();
@@ -3491,8 +3489,7 @@ public class ConfigurationUtils {
     }
 
     public static void createAdminCertificate(String certRequest, String certRequestType, String subject)
-            throws InvalidBERException, IOException, InvalidKeyException, InvalidKeyFormatException,
-            NoSuchAlgorithmException, SignatureException, NoSuchProviderException, EBaseException {
+            throws Exception {
         IConfigStore cs = CMS.getConfigStore();
         X509Key x509key = null;
         if (certRequestType.equals("crmf")) {