summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2012-11-02 16:44:47 -0400
committerAde Lee <alee@redhat.com>2012-11-04 22:13:21 -0500
commita80e994148a81914858f82b14af5fad90e12533d (patch)
tree4d82f4024ef55571053c2446a4b49cca86a1fd7b
parentdb9537d210a20b90115374e5b406db6c9658bc3a (diff)
downloadpki-a80e994148a81914858f82b14af5fad90e12533d.tar.gz
pki-a80e994148a81914858f82b14af5fad90e12533d.tar.xz
pki-a80e994148a81914858f82b14af5fad90e12533d.zip
Convert admin cert from ascii to binary before importing into certdb
Sometimes importing the ascii admin cert into th client certdb fails. The binary always appears to work though.
-rw-r--r--base/deploy/src/scriptlets/pkijython.py19
-rw-r--r--base/deploy/src/scriptlets/pkimessages.py1
2 files changed, 17 insertions, 3 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index 6f71cb88b..4321e0a2a 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -581,11 +581,18 @@ class rest_client:
admin_cert_file = os.path.join(
master['pki_client_dir'],
master['pki_client_admin_cert'])
+ admin_cert_bin_file = admin_cert_file + ".der"
javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_SAVE +\
" " + "'" + admin_cert_file + "'")
FILE = open(admin_cert_file, "w")
FILE.write(admin_cert)
FILE.close()
+ # convert the cert file to binary
+ command = "AtoB "+ admin_cert_file + " " + admin_cert_bin_file
+ javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_ATOB +\
+ " " + "'" + command + "'")
+ os.system(command)
+
# Since Jython runs under Java, it does NOT support the
# following operating system specific command:
#
@@ -594,11 +601,18 @@ class rest_client:
# config.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS)
#
# Emulate it with a system call.
- command = "chmod" + " " + "660" + " " + admin_cert_file
+ command = "chmod" + " 660 " + admin_cert_file
javasystem.out.println(
log.PKI_JYTHON_CHMOD +\
" " + "'" + command + "'")
os.system(command)
+
+ command = "chmod" + " 660 " + admin_cert_bin_file
+ javasystem.out.println(
+ log.PKI_JYTHON_CHMOD +\
+ " " + "'" + command + "'")
+ os.system(command)
+
# Import the Administration Certificate
# into the client NSS security database
command = "certutil" + " " +\
@@ -613,9 +627,8 @@ class rest_client:
master['pki_client_password_conf'] + " " +\
"-d" + " " +\
master['pki_client_database_dir'] + " " +\
- "-a" + " " +\
"-i" + " " +\
- admin_cert_file
+ admin_cert_bin_file
javasystem.out.println(
log.PKI_JYTHON_ADMIN_CERT_IMPORT +\
" " + "'" + command + "'")
diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py
index cce2e8f0e..becbea63e 100644
--- a/base/deploy/src/scriptlets/pkimessages.py
+++ b/base/deploy/src/scriptlets/pkimessages.py
@@ -282,6 +282,7 @@ PKI_JYTHON_ADMIN_CERT_EXPORT = "exporting Admin Certificate from "\
PKI_JYTHON_ADMIN_CERT_IMPORT = "importing Admin Certificate into "\
"NSS client security database:"
PKI_JYTHON_ADMIN_CERT_SAVE = "saving Admin Certificate to file:"
+PKI_JYTHON_ADMIN_CERT_ATOB = "converting Admin Certificate to binary:"
PKI_JYTHON_CDATA_TAG = "tag:"
PKI_JYTHON_CDATA_CERT = "cert:"
PKI_JYTHON_CDATA_REQUEST = "request:"