diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2016-09-08 20:06:19 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2016-09-08 21:15:07 +0200 |
| commit | b0a4981937abb1a3decad7decc0a788473464039 (patch) | |
| tree | 1ca437a9d9a1f5717bc0a1976ab5bdc8faab9313 /base/server/cms/src/org | |
| parent | 238d14bb8790037c8d1ca6d9123362ba3bb9fbf1 (diff) | |
| download | pki-b0a4981937abb1a3decad7decc0a788473464039.tar.gz pki-b0a4981937abb1a3decad7decc0a788473464039.tar.xz pki-b0a4981937abb1a3decad7decc0a788473464039.zip | |
Removed support for creating system certificates in different tokens.
The patch that added the support for creating system certificates
in different tokens causes issues in certain cases, so for now it
has been reverted.
https://fedorahosted.org/pki/ticket/2449
Diffstat (limited to 'base/server/cms/src/org')
| -rw-r--r-- | base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index 5cc6f63dc..9d7c176ec 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -199,7 +199,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou try { CMS.debug("Processing '" + cert.getCertTag() + "' certificate:"); ret = ConfigurationUtils.handleCerts(cert); - ConfigurationUtils.setCertPermissions(cert); + ConfigurationUtils.setCertPermissions(cert.getCertTag()); CMS.debug("Processed '" + cert.getCertTag() + "' certificate."); } catch (Exception e) { CMS.debug(e); @@ -386,6 +386,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou processCert( request, + token, certList, certs, hasSigningCert, @@ -414,6 +415,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou public void processCert( ConfigurationRequest request, + String token, Collection<String> certList, Collection<Cert> certs, MutableBoolean hasSigningCert, @@ -458,13 +460,13 @@ public class SystemConfigService extends PKIService implements SystemConfigResou String curvename = certData.getKeyCurveName() != null ? certData.getKeyCurveName() : cs.getString("keys.ecc.curve.default"); cs.putString("preop.cert." + tag + ".curvename.name", curvename); - ConfigurationUtils.createECCKeyPair(tokenName, curvename, cs, tag); + ConfigurationUtils.createECCKeyPair(token, curvename, cs, tag); } else { String keysize = certData.getKeySize() != null ? certData.getKeySize() : cs .getString("keys.rsa.keysize.default"); cs.putString("preop.cert." + tag + ".keysize.size", keysize); - ConfigurationUtils.createRSAKeyPair(tokenName, Integer.parseInt(keysize), cs, tag); + ConfigurationUtils.createRSAKeyPair(token, Integer.parseInt(keysize), cs, tag); } } else { @@ -598,6 +600,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou } cs.putString(csSubsystem + "." + tag + ".nickname", cdata.getNickname()); + cs.putString(csSubsystem + "." + tag + ".tokenname", cdata.getToken()); cs.putString(csSubsystem + "." + tag + ".certreq", cdata.getRequest()); cs.putString(csSubsystem + "." + tag + ".cert", cdata.getCert()); cs.putString(csSubsystem + "." + tag + ".dn", cdata.getSubjectDN()); |