Fixed cert usage list in pki client-cert-validate.

The pki client-cert-validate has been modified to add the missing
EmailRecipient and to list the supported cert usages.

https://fedorahosted.org/pki/ticket/2376
https://fedorahosted.org/pki/ticket/2399

1 files changed, 6 insertions, 1 deletions

diff --git a/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java b/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java
index 3988c71e2..50cd96f43 100644
--- a/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java
@@ -45,7 +45,10 @@ public class ClientCertValidateCLI extends CLI {
     }
 
     public void createOptions() {
-        Option option = new Option(null, "certusage", true, "Certificate usage.");
+        Option option = new Option(null, "certusage", true, "Certificate usage: " +
+                "CheckAllUsages, SSLServer, SSLServerWithStepUp, SSLClient, SSLCA, AnyCA, " +
+                "StatusResponder, ObjectSigner, UserCertImport, ProtectedObjectSigner, " +
+                "VerifyCA, EmailSigner, EmailRecipient.");
         option.setArgName("certusage");
         options.addOption(option);
     }
@@ -188,6 +191,8 @@ public class ClientCertValidateCLI extends CLI {
             cu = CryptoManager.CertificateUsage.VerifyCA;
         else if (certusage.equalsIgnoreCase("EmailSigner"))
             cu = CryptoManager.CertificateUsage.EmailSigner;
+        else if (certusage.equalsIgnoreCase("EmailRecipient"))
+            cu = CryptoManager.CertificateUsage.EmailRecipient;
 
         return cu;
     }