Fixed ConfigurationUtils.importCertChain().

The ConfigurationUtils.importCertChain() has been modified to ignore UNKNOWN_ISSUER error when connecting to a server that does not have the complete certificate chain. https://fedorahosted.org/pki/ticket/2497
author: Endi S. Dewata <edewata@redhat.com> 2016-10-06 22:08:15 +0200
committer: Matthew Harmsen <mharmsen@redhat.com> 2016-10-10 16:38:07 -0600
commit: 10b21dd71e8384d9fa0d12053278d8192eb29d00 (patch)
tree: e9ad162f5cdfa6d6d84c4609edcb4c728f0fd954 /base/server/cms/src/com
parent: 37ef16742ab6a8ba0c849c684c06f60e43608036 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index ed70a099a..001b6ab83 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -261,8 +261,9 @@ public class ConfigurationUtils {
 
         IConfigStore cs = CMS.getConfigStore();
         ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback();
-        // Ignore untrusted issuer to get cert chain.
+        // Ignore untrusted/unknown issuer to get cert chain.
         certApprovalCallback.ignoreError(ValidityStatus.UNTRUSTED_ISSUER);
+        certApprovalCallback.ignoreError(ValidityStatus.UNKNOWN_ISSUER);
         String c = get(host, port, true, serverPath, null, certApprovalCallback);
 
         if (c != null) {
author	Endi S. Dewata <edewata@redhat.com>	2016-10-06 22:08:15 +0200
committer	Matthew Harmsen <mharmsen@redhat.com>	2016-10-10 16:38:07 -0600
commit	10b21dd71e8384d9fa0d12053278d8192eb29d00 (patch)
tree	e9ad162f5cdfa6d6d84c4609edcb4c728f0fd954 /base/server/cms/src/com
parent	37ef16742ab6a8ba0c849c684c06f60e43608036 (diff)