diff options
author | Endi S. Dewata <edewata@redhat.com> | 2015-05-21 23:48:41 -0400 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2015-05-22 18:17:33 -0400 |
commit | e7c6b5ea5a109da2a2385aeb616825082c2ddd60 (patch) | |
tree | 93e71ff4657842cdc01bfa2aac3498b379176e06 /base/java-tools | |
parent | 8c2fb0b89be2216f91d9e250850a27e40e4dbd7f (diff) | |
download | pki-e7c6b5ea5a109da2a2385aeb616825082c2ddd60.tar.gz pki-e7c6b5ea5a109da2a2385aeb616825082c2ddd60.tar.xz pki-e7c6b5ea5a109da2a2385aeb616825082c2ddd60.zip |
Fixed key archival problem in CLI with separate KRA instance.
The CLI has been modified such that when enrolling a certificate
with key archival it will obtain the transport certificate from
the CA instead of KRA because the KRA may not reside on the same
instance. The CA REST service has been modified such that it will
obtain the transport certificate from the KRA connector.
https://fedorahosted.org/pki/ticket/1384
Diffstat (limited to 'base/java-tools')
-rw-r--r-- | base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java b/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java index ebca55bc0..e6bd0d981 100644 --- a/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/client/ClientCertRequestCLI.java @@ -217,7 +217,7 @@ public class ClientCertRequestCLI extends CLI { String encoded; if (transportCertFilename == null) { - SystemCertClient certClient = new SystemCertClient(client, "kra"); + SystemCertClient certClient = new SystemCertClient(client, "ca"); encoded = certClient.getTransportCert().getEncoded(); } else { @@ -251,13 +251,19 @@ public class ClientCertRequestCLI extends CLI { CertEnrollmentRequest request = certClient.getEnrollmentTemplate(profileID); - ProfileInput kg = request.getInput("Key Generation"); + // Key Generation / Dual Key Generation + for (ProfileInput input : request.getInputs()) { - ProfileAttribute typeAttr = kg.getAttribute("cert_request_type"); - typeAttr.setValue(requestType); + ProfileAttribute typeAttr = input.getAttribute("cert_request_type"); + if (typeAttr != null) { + typeAttr.setValue(requestType); + } - ProfileAttribute csrAttr = kg.getAttribute("cert_request"); - csrAttr.setValue(csr); + ProfileAttribute csrAttr = input.getAttribute("cert_request"); + if (csrAttr != null) { + csrAttr.setValue(csr); + } + } ProfileInput sn = request.getInput("Subject Name"); if (sn != null) { |