author | Endi S. Dewata <edewata@redhat.com> | 2017-06-30 00:22:09 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-01 00:20:25 +0200 |
commit | c46ffc53bfd1ac8c847daabc209adf605bbe5b32 (patch) | |
tree | 20f5917d36e9a2b0dbf4f594a33a9b23274a9658 | |
parent | 7eb8ac9abb06d5a21c9d81d3f7fd08391a2a745e (diff) | |
Refactored CertUtil.createLocalCert() (part 1).
The error handling in CertUtil.createLocalCert() has been modified
such that errors are no longer ignored. The changes also guarantee
that some variables cannot be null, so the code can be simplified.
https://pagure.io/dogtagpki/issue/2280
Change-Id: I9f1961d538cdbba99c8e3474ba3c601eb8416baf
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java | 72 |
1 files changed, 10 insertions, 62 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
index 018bfc7c1..f47193cb9 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
@@ -408,26 +408,27 @@ public class CertUtil { } public static X509CertImpl createLocalCertWithCA(IConfigStore config, X509Key x509key, - String prefix, String certTag, String type, ICertificateAuthority ca) throws IOException { + String prefix, String certTag, String type, ICertificateAuthority ca) throws Exception { return createLocalCert(config, x509key, prefix, certTag, type, ca, null); } public static X509CertImpl createLocalCert(IConfigStore config, X509Key x509key, - String prefix, String certTag, String type, Context context) throws IOException { + String prefix, String certTag, String type, Context context) throws Exception { return createLocalCert(config, x509key, prefix, certTag, type, null, context); } - public static X509CertImpl createLocalCert(IConfigStore config, X509Key x509key, - String prefix, String certTag, String type, - ICertificateAuthority ca, Context context) throws IOException { + public static X509CertImpl createLocalCert( + IConfigStore config, + X509Key x509key, + String prefix, + String certTag, + String type, + ICertificateAuthority ca, + Context context) throws Exception { CMS.debug("Creating local certificate... certTag=" + certTag); String profile = null; - - try { profile = config.getString(prefix + certTag + ".profile"); - } catch (Exception e) { - } X509CertImpl cert = null; ICertificateRepository cr = null;
@@ -438,7 +439,6 @@ public class CertUtil { boolean caProvided = ca != null; - try { Boolean injectSAN = config.getBoolean( "service.injectSAN", false); CMS.debug("createLocalCert: injectSAN=" + injectSAN); 
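Review bot: Widening all three `createLocalCert*` signatures in the `-408` hunk from `throws IOException` to `throws Exception` makes every caller catch the broadest checked type and no longer tells them which failures to expect. A missing `<prefix><certTag>.profile` setting, which the removed empty `catch` used to swallow, now aborts the method; that contract is undocumented, and a Javadoc line on the seven-argument overload such as `@throws Exception if the profile setting is missing or the certificate cannot be created or recorded` would state it. With the `try` gone, `String profile = null;` and the assignment after it can become one declaration: `String profile = config.getString(prefix + certTag + ".profile");`. The body of `createLocalCert` continues past this hunk.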
@@ -459,7 +459,6 @@ public class CertUtil { ICertificateAuthority.ID); cr = ca.getCertificateRepository(); - if (cr == null) { if (context != null) { context.put("errorString", "Ceritifcate Authority is not ready to serve.");
@@ -493,16 +492,13 @@ public class CertUtil { CMS.debug("Cert Template: " + info.toString()); String instanceRoot = CMS.getConfigStore().getString("instanceRoot"); - String configurationRoot = CMS.getConfigStore().getString("configurationRoot"); CertInfoProfile processor = new CertInfoProfile( instanceRoot + configurationRoot + profile); // cfu - create request to enable renewal - try { queue = ca.getRequestQueue(); - if (queue != null) { req = createLocalRequest(queue, serialNo.toString(), info); if (certTag.equals("sslserver") && injectSAN == true) {
@@ -528,12 +524,6 @@ public class CertUtil { reqId = req.getRequestId(); config.putString("preop.cert." + certTag + ".reqId", reqId.toString()); - } else { - CMS.debug("certUtil: requestQueue null"); - } - } catch (Exception e) { - CMS.debug("Creating local request exception:" + e.toString()); - } if (!certTag.equals("signing")) { /* 
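Review bot: With the `if (queue != null)` guard removed in the `-493` hunk and its `requestQueue null` branch removed in the `-528` hunk, the result of `ca.getRequestQueue()` goes straight into `createLocalRequest(queue, ...)`. Nothing visible in these hunks establishes that the queue is non-null, so if the CA can return none, the failure would presumably surface as a bare NullPointerException rather than a diagnosable error. If that state is reachable, an explicit check keeps the new fail-fast behaviour with a usable message: `if (queue == null) throw new IOException("Request queue is not available for " + certTag);`. The enclosing method starts and ends outside these hunks.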
@@ -590,63 +580,21 @@ public class CertUtil { caSigningKeyAlgo); } - if (cert != null) { CMS.debug("CertUtil createLocalCert: got cert signed"); - } - - } catch (IOException e) { - throw e; - - } catch (Exception e) { - CMS.debug("Unable to create local certificate: " + e); - throw new IOException("Unable to create local certificate: " + e, e); - } ICertRecord record = null; - try { MetaInfo meta = new MetaInfo(); - if (reqId != null) { meta.set(ICertRecord.META_REQUEST_ID, reqId.toString()); - } meta.set(ICertRecord.META_PROFILE_ID, profileId); record = cr.createCertRecord( cert.getSerialNumber(), cert, meta); - } catch (Exception e) { - CMS.debug( - "CertUtil createLocalCert: failed to add metainfo. Exception: " + e.toString()); - } - - try { cr.addCertificateRecord(record); - CMS.debug( - "CertUtil createLocalCert: finished adding certificate record."); - } catch (Exception e) { - CMS.debug( - "CertUtil createLocalCert: failed to add certificate record. Exception: " - + e.toString()); - try { - cr.deleteCertificateRecord(record.getSerialNumber()); - cr.addCertificateRecord(record); - } catch (Exception ee) { - CMS.debug("CertUtil createLocalCert: Exception: " + ee.toString()); - } - } - - if (req != null) { // update request with cert req.setExtData(IEnrollProfile.REQUEST_ISSUED_CERT, cert); // store request in db - try { - CMS.debug("certUtil: before updateRequest"); - if (queue != null) { queue.updateRequest(req); - } - } catch (Exception e) { - CMS.debug("Exception in updateRequest" + e); - } - } return cert; } |
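Review bot: Dropping the `catch` around `cr.addCertificateRecord(record)` also drops the old recovery path that deleted an existing record with the same serial number and added it again, so a collision (for example on a repeated configuration run, if that can happen) now aborts after the request has been created and `preop.cert.<certTag>.reqId` written in the earlier hunk. For a CA the signed certificate, its repository record and its request should stay consistent, so either confirm the collision case cannot occur or keep explicit handling for it and say so in a comment above the call. The `Unable to create local certificate` wrapper is gone as well, so a debug line naming the tag before the record is stored would keep the installation log diagnosable, e.g. `CMS.debug("CertUtil createLocalCert: adding certificate record for " + certTag);`. `cert`, `cr`, `req`, `reqId` and `queue` are dereferenced here without checks and are assigned outside this hunk, so their non-null guarantee cannot be verified from it.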