diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2015-07-06 18:03:08 -0400 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2015-07-09 19:19:09 -0400 |
| commit | 2b4b943fee003115a03f287340ef6bdfd47e8486 (patch) | |
| tree | 01e86cd69c974a64e4aca1bcf36349c8e7f38b00 /base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | |
| parent | ac5447a8e0bac5112882be700a17a9274e322adc (diff) | |
| download | pki-2b4b943fee003115a03f287340ef6bdfd47e8486.tar.gz pki-2b4b943fee003115a03f287340ef6bdfd47e8486.tar.xz pki-2b4b943fee003115a03f287340ef6bdfd47e8486.zip | |
Fixed user-cert-add --serial with remote CA.
The user-cert-add command has been modified to ask the user for
the CA server URI if the CA is not available locally.
A new SubsystemClient.exists() method has been added to check
whether a subsystem is deployed on the target instance.
The SubsystemCLI has been modified to call logout() only if
the operation is executed successfully.
The certificate approval callback class has been refactored out
of PKIConnection into a separate class to clean up circular
dependency with PKIClient.
https://fedorahosted.org/pki/ticket/1448
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java')
| -rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index ee88865e6..7e6c2a3c1 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -352,17 +352,16 @@ public class ConfigurationUtils { config.setPassword(passwd); PKIClient client = new PKIClient(config, null); - PKIConnection connection = client.getConnection(); // Ignore the "UNTRUSTED_ISSUER" validity status // during PKI instance creation since we are // utilizing an untrusted temporary CA certificate. - connection.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.UNTRUSTED_ISSUER); + client.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.UNTRUSTED_ISSUER); // Ignore the "CA_CERT_INVALID" validity status // during PKI instance creation since we are // utilizing an untrusted temporary CA certificate. - connection.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.CA_CERT_INVALID); + client.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.CA_CERT_INVALID); AccountClient accountClient = new AccountClient(client, "ca"); SecurityDomainClient sdClient = new SecurityDomainClient(client, "ca"); @@ -3972,12 +3971,11 @@ public class ConfigurationUtils { config.setCertPassword(dbPass); PKIClient client = new PKIClient(config, null); - PKIConnection connection = client.getConnection(); // Ignore the "UNTRUSTED_ISSUER" and "CA_CERT_INVALID" validity status // during PKI instance creation since we are using an untrusted temporary CA cert. - connection.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.UNTRUSTED_ISSUER); - connection.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.CA_CERT_INVALID); + client.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.UNTRUSTED_ISSUER); + client.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.CA_CERT_INVALID); AccountClient accountClient = new AccountClient(client, "tks"); TPSConnectorClient tpsConnectorClient = new TPSConnectorClient(client, "tks"); |