diff options
| author | Endi Sukma Dewata <edewata@redhat.com> | 2013-04-19 11:45:10 -0400 |
|---|---|---|
| committer | Endi Sukma Dewata <edewata@redhat.com> | 2013-04-22 23:49:46 -0400 |
| commit | f3e75c44eacc3f861497a288b2713a26953fb39f (patch) | |
| tree | b895d4413af980fe7b75f66f483e2642d23fd1a4 /base/java-tools/pki | |
| parent | 7ea5dc61f082c7372924271fd2a44dfb5345b256 (diff) | |
Added options to reject/ignore cert validity statuses.
New options have been added to the CLI to reject or ignore certain
cert validity statuses such as UNTRUSTED_ISSUER or BAD_CERT_DOMAIN.
The options can also be defined in pki.conf as a system-wide policy.
Ticket #491
Diffstat (limited to 'base/java-tools/pki')
| -rwxr-xr-x | base/java-tools/pki | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/base/java-tools/pki b/base/java-tools/pki index 197fa6100..07eb4ee28 100755 --- a/base/java-tools/pki +++ b/base/java-tools/pki @@ -107,12 +107,15 @@ if( $ARCHITECTURE eq "x86_64" ) { ## based upon the preset LD_LIBRARY_PATH and CP environment variables. ## ############################################################################### +my $PKI_CLI_OPTIONS = `source /etc/pki/pki.conf && echo \$PKI_CLI_OPTIONS`; +chomp($PKI_CLI_OPTIONS); + my @args = (); foreach (@ARGV) { push(@args, quotemeta($_)); } -my $command = "java -cp $ENV{CLASSPATH} com.netscape.cmstools.cli.MainCLI @args"; +my $command = "java -cp $ENV{CLASSPATH} com.netscape.cmstools.cli.MainCLI $PKI_CLI_OPTIONS @args"; system($command) and do { exit $? >> 8; |