diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2014-04-22 14:22:51 -0400 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2014-04-25 19:03:35 -0400 |
| commit | 8a6935ba8587ece5e5fcf8b65448c1b57d5ac463 (patch) | |
| tree | 76df51348828d3f8c2f33a70a4eec2fd498ac44d /base/ocsp/src | |
| parent | 5baa286e2104dee77bdc54ac1ad0bb73dfa1b769 (diff) | |
| download | pki-8a6935ba8587ece5e5fcf8b65448c1b57d5ac463.tar.gz pki-8a6935ba8587ece5e5fcf8b65448c1b57d5ac463.tar.xz pki-8a6935ba8587ece5e5fcf8b65448c1b57d5ac463.zip | |
Refactored SystemConfigService (part 12).
Subsystem-specific configuration codes have been moved from the
SystemConfigService into the subsystem-specific installer.
Ticket #890
Diffstat (limited to 'base/ocsp/src')
| -rw-r--r-- | base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java index 0ee5eb430..aaeeb346b 100644 --- a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java +++ b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java @@ -19,7 +19,12 @@ package org.dogtagpki.server.ocsp.rest; import org.dogtagpki.server.rest.SystemConfigService; +import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.PKIException; +import com.netscape.certsrv.ocsp.IOCSPAuthority; +import com.netscape.certsrv.system.ConfigurationRequest; +import com.netscape.cms.servlet.csadmin.ConfigurationUtils; /** * @author alee @@ -29,4 +34,30 @@ public class OCSPInstallerService extends SystemConfigService { public OCSPInstallerService() throws EBaseException { } + + @Override + public void finalizeConfiguration(ConfigurationRequest request) { + + super.finalizeConfiguration(request); + + try { + String ca_host = cs.getString("preop.ca.hostname", ""); + + // import the CA certificate into the OCSP + // configure the CRL Publishing to OCSP in CA + if (!ca_host.equals("")) { + CMS.reinit(IOCSPAuthority.ID); + ConfigurationUtils.importCACertToOCSP(); + + if (!request.getStandAlone()) { + ConfigurationUtils.updateOCSPConfig(); + ConfigurationUtils.setupClientAuthUser(); + } + } + + } catch (Exception e) { + CMS.debug(e); + throw new PKIException("Errors in configuring CA publishing to OCSP: " + e); + } + } } |