diff options
| author | Christina Fu <cfu@redhat.com> | 2017-04-28 17:55:17 -0700 |
|---|---|---|
| committer | Christina Fu <cfu@redhat.com> | 2017-04-28 19:56:09 -0700 |
| commit | 3ff9de6a517d7fdcdee6c4a8c884eff052f8f824 (patch) | |
| tree | 7ce6931f2bdec5413796d9e22b243542ef635239 /base/common/src/com | |
| parent | 9590944d5726ff32d94c6a2b2909175eae946466 (diff) | |
| download | pki-3ff9de6a517d7fdcdee6c4a8c884eff052f8f824.tar.gz pki-3ff9de6a517d7fdcdee6c4a8c884eff052f8f824.tar.xz pki-3ff9de6a517d7fdcdee6c4a8c884eff052f8f824.zip | |
Ticket #2717 CMC user-signed enrollment request
This patch provides implementation that allows user-signed CMC requests
to be processed; The resulting certificate will bear the same subjectDN
as that of the signing cert;
The new uri to access is /ca/ee/ca/profileSubmitUserSignedCMCFull
where the new profile is to be used: caFullCMCUserSignedCert.cfg
which utilizes the new authentication plugin: CMCUserSignedAuth
and new profile default plugin: CMCUserSignedSubjectNameDefault
and new profile constraint plugin: CMCUserSignedSubjectNameConstraint
Diffstat (limited to 'base/common/src/com')
| -rw-r--r-- | base/common/src/com/netscape/certsrv/authentication/IAuthManager.java | 3 | ||||
| -rw-r--r-- | base/common/src/com/netscape/certsrv/logging/AuditEvent.java | 2 |
2 files changed, 5 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java b/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java index f9eddbc66..21639e2a6 100644 --- a/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java +++ b/base/common/src/com/netscape/certsrv/authentication/IAuthManager.java @@ -31,6 +31,9 @@ public interface IAuthManager { /* standard credential for client cert from ssl client auth */ public static final String CRED_SSL_CLIENT_CERT = "sslClientCert"; + /* standard credential for CMC request signing cert */ + public static final String CRED_CMC_SIGNING_CERT = "cmcSigningCert"; + /** * Standard credential for client cert's serial number from revocation. */ diff --git a/base/common/src/com/netscape/certsrv/logging/AuditEvent.java b/base/common/src/com/netscape/certsrv/logging/AuditEvent.java index 72c93f86d..7a4aa9b08 100644 --- a/base/common/src/com/netscape/certsrv/logging/AuditEvent.java +++ b/base/common/src/com/netscape/certsrv/logging/AuditEvent.java @@ -145,6 +145,8 @@ public class AuditEvent implements IBundleLogEvent { "LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE_3"; public final static String CMC_SIGNED_REQUEST_SIG_VERIFY = "LOGGING_SIGNED_AUDIT_CMC_SIGNED_REQUEST_SIG_VERIFY_5"; + public final static String CMC_USER_SIGNED_REQUEST_SIG_VERIFY = + "LOGGING_SIGNED_AUDIT_CMC_USER_SIGNED_REQUEST_SIG_VERIFY_5"; public final static String COMPUTE_RANDOM_DATA_REQUEST = "LOGGING_SIGNED_AUDIT_COMPUTE_RANDOM_DATA_REQUEST_2"; |