diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2015-09-01 09:57:42 -0400 |
---|---|---|
committer | Fraser Tweedale <ftweedal@redhat.com> | 2015-09-26 14:11:51 +1000 |
commit | 058f1cf1e657ba441f1fcd590fa4cec8ca96e5b0 (patch) | |
tree | 18109e536cf188bf387f8f97af7c98bd39168c33 /base/java-tools/src/com/netscape/cmstools/cert | |
parent | 5cdad30b99d8c115f6b50c63bb2ecceefdd33937 (diff) | |
download | pki-058f1cf1e657ba441f1fcd590fa4cec8ca96e5b0.tar.gz pki-058f1cf1e657ba441f1fcd590fa4cec8ca96e5b0.tar.xz pki-058f1cf1e657ba441f1fcd590fa4cec8ca96e5b0.zip |
Lightweight CAs: REST cert request param to specify authority
Add the optional "ca" query parameter for REST cert request
submission. Also update the ca-cert-request-submit CLI command with
an option to provide an AuthorityID.
Part of: https://fedorahosted.org/pki/ticket/1213
Diffstat (limited to 'base/java-tools/src/com/netscape/cmstools/cert')
-rw-r--r-- | base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java index 608490bb7..961115968 100644 --- a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java @@ -2,18 +2,22 @@ package com.netscape.cmstools.cert; import java.io.File; import java.io.FileNotFoundException; +import java.io.IOException; import java.util.Arrays; import java.util.Scanner; import javax.xml.bind.JAXBException; import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; import org.apache.commons.cli.ParseException; +import com.netscape.certsrv.ca.AuthorityID; import com.netscape.certsrv.cert.CertEnrollmentRequest; import com.netscape.certsrv.cert.CertRequestInfos; import com.netscape.cmstools.cli.CLI; import com.netscape.cmstools.cli.MainCLI; +import netscape.security.x509.X500Name; public class CertRequestSubmitCLI extends CLI { @@ -22,6 +26,14 @@ public class CertRequestSubmitCLI extends CLI { public CertRequestSubmitCLI(CertCLI certCLI) { super("request-submit", "Submit certificate request", certCLI); this.certCLI = certCLI; + + Option optAID = new Option(null, "issuer-id", true, "Authority ID (host authority if omitted)"); + optAID.setArgName("id"); + options.addOption(optAID); + + Option optADN = new Option(null, "issuer-dn", true, "Authority DN (host authority if omitted)"); + optADN.setArgName("dn"); + options.addOption(optADN); } public void printHelp() { @@ -55,9 +67,39 @@ public class CertRequestSubmitCLI extends CLI { System.exit(-1); } + AuthorityID aid = null; + if (cmd.hasOption("issuer-id")) { + String aidString = cmd.getOptionValue("issuer-id"); + try { + aid = new AuthorityID(aidString); + } catch (IllegalArgumentException e) { + System.err.println("Bad AuthorityID: " + aidString); + printHelp(); + System.exit(-1); + } + } + + X500Name adn = null; + if (cmd.hasOption("issuer-dn")) { + String adnString = cmd.getOptionValue("issuer-dn"); + try { + adn = new X500Name(adnString); + } catch (IOException e) { + System.err.println("Bad DN: " + adnString); + printHelp(); + System.exit(-1); + } + } + + if (aid != null && adn != null) { + System.err.println("--issuer-id and --issuer-dn options are mutually exclusive"); + printHelp(); + System.exit(-1); + } + try { CertEnrollmentRequest erd = getEnrollmentRequest(cmdArgs[0]); - CertRequestInfos cri = certCLI.certClient.enrollRequest(erd); + CertRequestInfos cri = certCLI.certClient.enrollRequest(erd, aid, adn); MainCLI.printMessage("Submitted certificate request"); CertCLI.printCertRequestInfos(cri); |