Updated default client database location for CLI.

The default client database location for CLI has been changed to
~/.dogtag/nssdb. The database will always be initialized regardless
whether it is actually used.

Ticket #491

2 files changed, 33 insertions, 48 deletions

diff --git a/base/common/src/com/netscape/certsrv/client/PKIConnection.java b/base/common/src/com/netscape/certsrv/client/PKIConnection.java
index 62d549532..c86fd3ade 100644
--- a/base/common/src/com/netscape/certsrv/client/PKIConnection.java
+++ b/base/common/src/com/netscape/certsrv/client/PKIConnection.java
@@ -61,8 +61,6 @@ import org.jboss.resteasy.client.core.BaseClientResponse;
 import org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor;
 import org.jboss.resteasy.client.core.extractors.ClientErrorHandler;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
-import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.crypto.AlreadyInitializedException;
 import org.mozilla.jss.crypto.X509Certificate;
 import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
 import org.mozilla.jss.ssl.SSLSocket;
@@ -458,29 +456,6 @@ public class PKIConnection {
                 UnknownHostException,
                 ConnectTimeoutException {
 
-            // Initialize JSS before using SSLSocket,
-            // otherwise it will throw UnsatisfiedLinkError.
-            if (config.getCertDatabase() == null) {
-                try {
-                    // No database specified, use $HOME/.pki/nssdb.
-                    File homeDir = new File(System.getProperty("user.home"));
-                    File pkiDir = new File(homeDir, ".pki");
-                    File nssdbDir = new File(pkiDir, "nssdb");
-                    nssdbDir.mkdirs();
-
-                    CryptoManager.initialize(nssdbDir.getAbsolutePath());
-
-                } catch (AlreadyInitializedException e) {
-                    // ignore
-
-                } catch (Exception e) {
-                    throw new Error(e);
-                }
-
-            } else {
-                // Database specified, already initialized by the main program.
-            }
-
             String hostName = null;
             int port = 0;
             if (remoteAddress != null) {
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index 8a9f544c2..d5707d155 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -57,6 +57,8 @@ public class MainCLI extends CLI {
     public Collection<Integer> rejectedCertStatuses;
     public Collection<Integer> ignoredCertStatuses;
 
+    public File certDatabase;
+
     public PKIClient client;
     public PKIConnection connection;
     public AccountClient accountClient;
@@ -328,33 +330,41 @@ public class MainCLI extends CLI {
 
         if (verbose) System.out.println("Server URI: "+config.getServerURI());
 
-        // initialize certificate database if specified
-        if (config.getCertDatabase() != null) {
+        // initialize certificate database
+        if (config.getCertDatabase() == null) {
+            this.certDatabase = new File(
+                    System.getProperty("user.home") + File.separator +
+                    ".dogtag" + File.separator + "nssdb");
 
-            try {
-                if (verbose) System.out.println("Certificate database: "+config.getCertDatabase());
-                CryptoManager.initialize(config.getCertDatabase());
-
-                if (config.getPassword() != null) {
-                    try {
-                        CryptoManager manager = CryptoManager.getInstance();
-                        CryptoToken token = manager.getInternalKeyStorageToken();
-                        Password password = new Password(config.getPassword().toCharArray());
-                        token.login(password);
-
-                    } catch (IncorrectPasswordException e) {
-                        throw new Error("Incorrect certificate database password.", e);
-                    }
-                }
+        } else {
+            this.certDatabase = new File(config.getCertDatabase());
+        }
 
-            } catch (Throwable t) {
-                if (verbose) {
-                    t.printStackTrace(System.err);
-                } else {
-                    System.err.println(t.getClass().getSimpleName()+": "+t.getMessage());
+        certDatabase.mkdirs();
+
+        try {
+            if (verbose) System.out.println("Certificate database: "+certDatabase.getAbsolutePath());
+            CryptoManager.initialize(certDatabase.getAbsolutePath());
+
+            if (config.getPassword() != null) {
+                try {
+                    CryptoManager manager = CryptoManager.getInstance();
+                    CryptoToken token = manager.getInternalKeyStorageToken();
+                    Password password = new Password(config.getPassword().toCharArray());
+                    token.login(password);
+
+                } catch (IncorrectPasswordException e) {
+                    throw new Error("Incorrect certificate database password.", e);
                 }
-                System.exit(1);
             }
+
+        } catch (Throwable t) {
+            if (verbose) {
+                t.printStackTrace(System.err);
+            } else {
+                System.err.println(t.getClass().getSimpleName()+": "+t.getMessage());
+            }
+            System.exit(1);
         }
 
         // execute command