diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-03-13 21:42:49 +0100 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-03-15 19:29:17 +0100 |
| commit | 3253d852eb50d30f30a37800f0cf16898a038b6c (patch) | |
| tree | 7481d79522927a0f1149de3f6c92ce191e531f71 /base/java-tools/src | |
| parent | 806d5ed6cc2e16c5d5ad06530d06a98b4ee68bb1 (diff) | |
| download | pki-3253d852eb50d30f30a37800f0cf16898a038b6c.tar.gz pki-3253d852eb50d30f30a37800f0cf16898a038b6c.tar.xz pki-3253d852eb50d30f30a37800f0cf16898a038b6c.zip | |
Troubleshooting improvement for ClientCertValidateCLI.
The ClientCertValidateCLI has been modified to display the NSS
error code and error message for invalid certificates.
Diffstat (limited to 'base/java-tools/src')
| -rw-r--r-- | base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java b/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java index 22bddcf32..a3f1deb36 100644 --- a/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/client/ClientCertValidateCLI.java @@ -18,6 +18,7 @@ package com.netscape.cmstools.client; +import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -97,11 +98,13 @@ public class ClientCertValidateCLI extends CLI { CryptoManager cm = CryptoManager.getInstance(); if (cu.getUsage() != CryptoManager.CertificateUsage.CheckAllUsages.getUsage()) { - if (cm.isCertValid(nickname, true, cu)) { + try { + cm.verifyCertificate(nickname, true, cu); System.out.println("Valid certificate: " + nickname); return true; - } else { - System.out.println("Invalid certificate: " + nickname); + } catch (CertificateException e) { + // Invalid certificate: (<code>) <message> + System.out.println(e.getMessage()); return false; } |