diff options
author | Ade Lee <alee@redhat.com> | 2012-11-02 16:44:47 -0400 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2012-11-04 22:13:21 -0500 |
commit | a80e994148a81914858f82b14af5fad90e12533d (patch) | |
tree | 4d82f4024ef55571053c2446a4b49cca86a1fd7b /base/deploy/src/scriptlets | |
parent | db9537d210a20b90115374e5b406db6c9658bc3a (diff) | |
download | pki-a80e994148a81914858f82b14af5fad90e12533d.tar.gz pki-a80e994148a81914858f82b14af5fad90e12533d.tar.xz pki-a80e994148a81914858f82b14af5fad90e12533d.zip |
Convert admin cert from ascii to binary before importing into certdb
Sometimes importing the ascii admin cert into th client certdb fails.
The binary always appears to work though.
Diffstat (limited to 'base/deploy/src/scriptlets')
-rw-r--r-- | base/deploy/src/scriptlets/pkijython.py | 19 | ||||
-rw-r--r-- | base/deploy/src/scriptlets/pkimessages.py | 1 |
2 files changed, 17 insertions, 3 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index 6f71cb88b..4321e0a2a 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -581,11 +581,18 @@ class rest_client: admin_cert_file = os.path.join( master['pki_client_dir'], master['pki_client_admin_cert']) + admin_cert_bin_file = admin_cert_file + ".der" javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_SAVE +\ " " + "'" + admin_cert_file + "'") FILE = open(admin_cert_file, "w") FILE.write(admin_cert) FILE.close() + # convert the cert file to binary + command = "AtoB "+ admin_cert_file + " " + admin_cert_bin_file + javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_ATOB +\ + " " + "'" + command + "'") + os.system(command) + # Since Jython runs under Java, it does NOT support the # following operating system specific command: # @@ -594,11 +601,18 @@ class rest_client: # config.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS) # # Emulate it with a system call. - command = "chmod" + " " + "660" + " " + admin_cert_file + command = "chmod" + " 660 " + admin_cert_file javasystem.out.println( log.PKI_JYTHON_CHMOD +\ " " + "'" + command + "'") os.system(command) + + command = "chmod" + " 660 " + admin_cert_bin_file + javasystem.out.println( + log.PKI_JYTHON_CHMOD +\ + " " + "'" + command + "'") + os.system(command) + # Import the Administration Certificate # into the client NSS security database command = "certutil" + " " +\ @@ -613,9 +627,8 @@ class rest_client: master['pki_client_password_conf'] + " " +\ "-d" + " " +\ master['pki_client_database_dir'] + " " +\ - "-a" + " " +\ "-i" + " " +\ - admin_cert_file + admin_cert_bin_file javasystem.out.println( log.PKI_JYTHON_ADMIN_CERT_IMPORT +\ " " + "'" + command + "'") diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py index cce2e8f0e..becbea63e 100644 --- a/base/deploy/src/scriptlets/pkimessages.py +++ b/base/deploy/src/scriptlets/pkimessages.py @@ -282,6 +282,7 @@ PKI_JYTHON_ADMIN_CERT_EXPORT = "exporting Admin Certificate from "\ PKI_JYTHON_ADMIN_CERT_IMPORT = "importing Admin Certificate into "\ "NSS client security database:" PKI_JYTHON_ADMIN_CERT_SAVE = "saving Admin Certificate to file:" +PKI_JYTHON_ADMIN_CERT_ATOB = "converting Admin Certificate to binary:" PKI_JYTHON_CDATA_TAG = "tag:" PKI_JYTHON_CDATA_CERT = "cert:" PKI_JYTHON_CDATA_REQUEST = "request:" |