diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2016-01-13 17:41:05 +1100 |
---|---|---|
committer | Fraser Tweedale <ftweedal@redhat.com> | 2016-02-15 14:33:53 +1000 |
commit | f6177fede9d1b688f0519953ec14839d513a6e2c (patch) | |
tree | 75093e7ae769a25f1d435b1aa9da44c617cc1279 /base/ca/shared | |
parent | 966b3e906b48fdb34cfe0f5bc9092b45bfc9067d (diff) | |
download | pki-f6177fede9d1b688f0519953ec14839d513a6e2c.tar.gz pki-f6177fede9d1b688f0519953ec14839d513a6e2c.tar.xz pki-f6177fede9d1b688f0519953ec14839d513a6e2c.zip |
Use correct textual encoding for PKCS #7 objects
PKCS #7 objects are being output with the "CERTIFICATE CHAIN" label
which is invalid (RFC 7468) and unrecognised by many programs
(including OpenSSL). Use the correct "PKCS7" label instead.
Also do a drive-by refactor of the normalizeCertAndReq to remove
some redundant code.
Fixes: https://fedorahosted.org/pki/ticket/1699
Diffstat (limited to 'base/ca/shared')
5 files changed, 10 insertions, 10 deletions
diff --git a/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template b/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template index 3b58a4779..e02fe30eb 100644 --- a/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template +++ b/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template @@ -192,9 +192,9 @@ Base 64 encoded certificate with CA certificate chain in pkcs7 format </font> <p><pre> <SCRIPT type="text/javascript"> -document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); +document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.pkcs7ChainBase64); -document.writeln('-----END CERTIFICATE CHAIN-----'); +document.writeln('-----END PKCS7-----'); </SCRIPT> </pre> diff --git a/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template b/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template index 7923f4153..f0604ef7f 100644 --- a/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template +++ b/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template @@ -98,9 +98,9 @@ Base 64 encoded certificate </font> <p><pre> <SCRIPT type="text/javascript"> -document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); +document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.certChainBase64); -document.writeln('-----END CERTIFICATE CHAIN-----'); +document.writeln('-----END PKCS7-----'); </SCRIPT> </pre> diff --git a/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template b/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template index f1148570c..402154037 100644 --- a/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template +++ b/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template @@ -102,9 +102,9 @@ function displayCert(cert) 'Base 64 encoded certificate with CA certificate chain in pkcs7 format'+ '</font>'+ '<p><pre>'+ - '-----BEGIN CERTIFICATE CHAIN-----'); + '-----BEGIN PKCS7-----'); document.writeln(cert.pkcs7ChainBase64); - document.writeln('-----END CERTIFICATE CHAIN-----'+ + document.writeln('-----END PKCS7-----'+ '</pre>'); } diff --git a/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template b/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template index d1e65fa63..33bc45f22 100644 --- a/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template +++ b/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template @@ -117,9 +117,9 @@ Base 64 encoded certificate with CA certificate chain in pkcs7 format </font> <p><pre> <SCRIPT LANGUAUGE="JavaScript"> -document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); +document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.pkcs7ChainBase64); -document.writeln('-----END CERTIFICATE CHAIN-----'); +document.writeln('-----END PKCS7-----'); </SCRIPT> </pre> diff --git a/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template b/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template index 49a91af11..3e6a44da7 100644 --- a/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template +++ b/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template @@ -43,9 +43,9 @@ if (result.header.displayFormat == "chain") { document.writeln('<center><b>' + result.header.subjectdn); document.writeln('</b></center><p></font><br>'); document.writeln('<pre>'); - document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); + document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.chainBase64); - document.writeln('-----END CERTIFICATE CHAIN-----'); + document.writeln('-----END PKCS7-----'); document.writeln('</pre>'); } else if (result.header.displayFormat == "individual") { if (result.recordSet.length == 0) { |