Added cert revocation REST service.

The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets. It provides an interface to manage certificate revocation. Ticket #161
author: Endi Sukma Dewata <edewata@redhat.com> 2012-05-23 14:14:38 -0500
committer: Endi Sukma Dewata <edewata@redhat.com> 2012-07-11 09:21:09 -0500
commit: a25705a6fff3525b26a855d03f0c117bfadc1979 (patch)
tree: f7bd74cd3c9e866e784c6561bcc12a315959c77e /base/ca
parent: 778091c087b072a2e5c56ed1cffbee683d421363 (diff)
download: pki-a25705a6fff3525b26a855d03f0c117bfadc1979.tar.gz
pki-a25705a6fff3525b26a855d03f0c117bfadc1979.tar.xz
pki-a25705a6fff3525b26a855d03f0c117bfadc1979.zip
3 files changed, 30 insertions, 16 deletions
diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java
index 67138e529..c62eef119 100644
--- a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java
+++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java
@@ -101,7 +101,7 @@ public class CARestClient extends CMSRestClient {
             return null;
         }
 
-        return certClient.retrieveCert(id);
+        return certClient.getCert(id);
 
     }
 
diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java
index 9afb1f386..807d014c4 100644
--- a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java
+++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java
@@ -496,8 +496,8 @@ public class CATest {
             log("No CertInfo: ");
             return;
         }
-        log("CertId: " + info.getCertId().toString());
-        log("CertUrl: " + info.getCertURL());
+        log("CertId: " + info.getID().toString());
+        log("CertUrl: " + info.getLink().getHref());
 
     }
 
@@ -511,12 +511,12 @@ public class CATest {
         log("CertificateInfo: " + "\n");
         log("-----------------");
 
-        log("CertSerialNo:  \n" + info.getSerialNo() + "\n");
-        log("CertSubject:  \n" + info.getSubjectName() + "\n");
-        log("CertIssuer: \n" + info.getIssuerName() + "\n");
+        log("CertSerialNo:  \n" + info.getSerialNumber() + "\n");
+        log("CertSubject:  \n" + info.getSubjectDN() + "\n");
+        log("CertIssuer: \n" + info.getIssuerDN() + "\n");
         log("NotBefore:  \n" + info.getNotBefore() + "\n");
         log("NotAfter: \n" + info.getNotAfter() + "\n");
-        log("CertBase64: \n" + info.getB64() + "\n");
+        log("CertBase64: \n" + info.getEncoded() + "\n");
         log("CertPKCS7Chain: \n" + info.getPkcs7CertChain() + "\n");
         log("CertPrettyPrint: \n" + info.getPrettyPrint());
 
diff --git a/base/ca/shared/conf/CS.cfg.in b/base/ca/shared/conf/CS.cfg.in
index 527de831d..78c28435a 100644
--- a/base/ca/shared/conf/CS.cfg.in
+++ b/base/ca/shared/conf/CS.cfg.in
@@ -1056,15 +1056,29 @@ profile.caEncUserCert.config=[PKI_INSTANCE_PATH]/profiles/ca/caEncUserCert.cfg
 profile.caEncECUserCert.class_id=caEnrollImpl
 profile.caEncECUserCert.config=[PKI_INSTANCE_PATH]/profiles/ca/caEncECUserCert.cfg
 registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg
-profile.caProfileProcess.getClientCert=true
-profile.caProfileProcess.authzMgr=BasicAclAuthz
-profile.caProfileProcess.authorityId=ca
-profile.caProfileProcess.authzResourceName=certServer.ca.request.profile
-profile.caProfileProcess.authMgr=certUserDBAuthMgr
-profile.caProfileSubmit.authorityId=ca
-profile.caProfileSubmit.authzMgr=BasicAclAuthz
-profile.caProfileSubmit.authzResourceName=certServer.ee.profile
-profile.caProfileSubmit.getClientCert=false
+processor.caProfileProcess.getClientCert=true
+processor.caProfileProcess.authzMgr=BasicAclAuthz
+processor.caProfileProcess.authorityId=ca
+processor.caProfileProcess.authzResourceName=certServer.ca.request.profile
+processor.caProfileProcess.authMgr=certUserDBAuthMgr
+processor.caProfileSubmit.authorityId=ca
+processor.caProfileSubmit.authzMgr=BasicAclAuthz
+processor.caProfileSubmit.authzResourceName=certServer.ee.profile
+processor.caProfileSubmit.getClientCert=false
+processor.caDoRevoke.getClientCert=false
+processor.caDoRevoke.authzMgr=BasicAclAuthz
+processor.caDoRevoke.authorityId=ca
+processor.caDoRevoke.authzResourceName=certServer.ee.certificates
+processor.caDoRevoke-agent.getClientCert=true
+processor.caDoRevoke-agent.authzMgr=BasicAclAuthz
+processor.caDoRevoke-agent.authorityId=ca
+processor.caDoRevoke-agent.authzResourceName=certServer.ca.certificates
+processor.caDoRevoke-agent.authMgr=certUserDBAuthMgr
+processor.caDoUnrevoke.getClientCert=true
+processor.caDoUnrevoke.authzMgr=BasicAclAuthz
+processor.caDoUnrevoke.authorityId=ca
+processor.caDoUnrevoke.authzResourceName=certServer.ca.certificate
+processor.caDoUnrevoke.authMgr=certUserDBAuthMgr
 request.assignee.enable=true
 selftests._000=##
 selftests._001=## Self Tests
author	Endi Sukma Dewata <edewata@redhat.com>	2012-05-23 14:14:38 -0500
committer	Endi Sukma Dewata <edewata@redhat.com>	2012-07-11 09:21:09 -0500
commit	a25705a6fff3525b26a855d03f0c117bfadc1979 (patch)
tree	f7bd74cd3c9e866e784c6561bcc12a315959c77e /base/ca
parent	778091c087b072a2e5c56ed1cffbee683d421363 (diff)
download	pki-a25705a6fff3525b26a855d03f0c117bfadc1979.tar.gz pki-a25705a6fff3525b26a855d03f0c117bfadc1979.tar.xz pki-a25705a6fff3525b26a855d03f0c117bfadc1979.zip