diff options
author | Endi S. Dewata <edewata@redhat.com> | 2015-12-01 23:34:41 +0100 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2015-12-01 21:10:43 +0100 |
commit | 6a9990784b3a5ff18a800a288e8d1af173c7ae6e (patch) | |
tree | ff43c432f868edb0765180d41c09e6f358d666c0 /base/server/cms/src/com/netscape/cms/servlet/admin | |
parent | c44d643c8f1f1b34004e8a1c5eedbcb75e46860d (diff) | |
download | pki-6a9990784b3a5ff18a800a288e8d1af173c7ae6e.tar.gz pki-6a9990784b3a5ff18a800a288e8d1af173c7ae6e.tar.xz pki-6a9990784b3a5ff18a800a288e8d1af173c7ae6e.zip |
Fixed selftest error handling.
The selftest has been modified to throw an exception and provide
more specific error message if a test fails in order to help
troubleshoot the problem.
https://fedorahosted.org/pki/ticket/1328
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/admin')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index b6325b71d..18be8a854 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -38,11 +38,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import netscape.security.x509.BasicConstraintsExtension; -import netscape.security.x509.CertificateExtensions; -import netscape.security.x509.X509CertImpl; -import netscape.security.x509.X509CertInfo; - import org.mozilla.jss.CryptoManager; import org.mozilla.jss.crypto.CryptoToken; import org.mozilla.jss.crypto.PQGParams; @@ -80,6 +75,11 @@ import com.netscape.cmsutil.util.Cert; import com.netscape.cmsutil.util.Utils; import com.netscape.symkey.SessionKey; +import netscape.security.x509.BasicConstraintsExtension; +import netscape.security.x509.CertificateExtensions; +import netscape.security.x509.X509CertImpl; +import netscape.security.x509.X509CertInfo; + /** * A class representings an administration servlet. This * servlet is responsible to serve Certificate Server @@ -2191,9 +2191,12 @@ public final class CMSAdminServlet extends AdminServlet { modifyRADMCert(nickname); } - boolean verified = CMS.verifySystemCertByNickname(nickname, null); - if (verified == true) { - CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() succeeded: " + nickname); + boolean verified = false; + try { + CMS.debug("CMSAdminServlet: verifying system certificate " + nickname); + CMS.verifySystemCertByNickname(nickname, null); + verified = true; + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, auditSubjectID, @@ -2201,8 +2204,9 @@ public final class CMSAdminServlet extends AdminServlet { nickname); audit(auditMessage); - } else { - CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() failed: " + nickname); + + } catch (Exception e) { + CMS.debug(e); auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, auditSubjectID, @@ -2211,6 +2215,7 @@ public final class CMSAdminServlet extends AdminServlet { audit(auditMessage); } + // store a message in the signed audit log file auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, |