diff options
author | Endi S. Dewata <edewata@redhat.com> | 2016-04-06 19:22:48 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2016-04-08 17:19:30 +0200 |
commit | d43f4dab6773ea7d91e71193969b26df4efaaffc (patch) | |
tree | 1ebf4ac62ac82ed40de8719426b1847f7f76ddea /base/common | |
parent | 0bf38b56a56af5f66229f17c2e7ddbf127d4de14 (diff) | |
download | pki-d43f4dab6773ea7d91e71193969b26df4efaaffc.tar.gz pki-d43f4dab6773ea7d91e71193969b26df4efaaffc.tar.xz pki-d43f4dab6773ea7d91e71193969b26df4efaaffc.zip |
Fixed pki pkcs12-import backward compatibility.
For backward compatibility the pki pkcs12-import has been modified
to generate default nicknames and trust flags for CA certificates
if they are not specified in the PKCS #12 file. The PKCS12Util was
also modified to find the certificate corresponding to a key more
accurately using the local ID instead of the subject DN.
The configuration servlet has been modified to provide better
debugging information when updating the security domain.
https://fedorahosted.org/pki/ticket/2255
Diffstat (limited to 'base/common')
-rw-r--r-- | base/common/python/pki/cli/pkcs12.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/base/common/python/pki/cli/pkcs12.py b/base/common/python/pki/cli/pkcs12.py index dc999a120..a7c32cc2b 100644 --- a/base/common/python/pki/cli/pkcs12.py +++ b/base/common/python/pki/cli/pkcs12.py @@ -220,7 +220,12 @@ class PKCS12ImportCLI(pki.cli.CLI): cert_id = cert_info['id'] nickname = cert_info['nickname'] - trust_flags = cert_info['trust_flags'] + + if 'trust_flags' in cert_info: + trust_flags = cert_info['trust_flags'] + else: + # default trust flags for CA certificates + trust_flags = 'CT,c,c' if main_cli.verbose: print('Exporting %s (%s) from PKCS #12 file' % (nickname, cert_id)) |