diff options
author | Endi S. Dewata <edewata@redhat.com> | 2016-04-16 02:43:03 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2016-04-20 03:08:54 +0200 |
commit | b24ea9e24233636d18806326a9e2883235eb38d7 (patch) | |
tree | 1b9f4133b4757f348d343f6ae51720e464bcec1b /base/server | |
parent | ffcbc6809c1329b290c29eed962efce2bc50392e (diff) | |
download | pki-b24ea9e24233636d18806326a9e2883235eb38d7.tar.gz pki-b24ea9e24233636d18806326a9e2883235eb38d7.tar.xz pki-b24ea9e24233636d18806326a9e2883235eb38d7.zip |
Fixed PKCS #12 export options.
The CLIs for exporting PKCS #12 file have been modified to accept
options to export without trust flags, keys, and/or certificate
chain.
https://fedorahosted.org/pki/ticket/1736
Diffstat (limited to 'base/server')
-rw-r--r-- | base/server/python/pki/server/cli/instance.py | 21 | ||||
-rw-r--r-- | base/server/python/pki/server/cli/subsystem.py | 21 |
2 files changed, 40 insertions, 2 deletions
diff --git a/base/server/python/pki/server/cli/instance.py b/base/server/python/pki/server/cli/instance.py index 4eeee5d60..7520b32b8 100644 --- a/base/server/python/pki/server/cli/instance.py +++ b/base/server/python/pki/server/cli/instance.py @@ -77,6 +77,9 @@ class InstanceCertExportCLI(pki.cli.CLI): print(' --pkcs12-password <password> Password for the PKCS #12 file.') print(' --pkcs12-password-file <path> Input file containing the password for the PKCS #12 file.') print(' --append Append into an existing PKCS #12 file.') + print(' --no-trust-flags Do not include trust flags') + print(' --no-key Do not include private key') + print(' --no-chain Do not include certificate chain') print(' -v, --verbose Run in verbose mode.') print(' --debug Run in debug mode.') print(' --help Show help message.') @@ -88,7 +91,8 @@ class InstanceCertExportCLI(pki.cli.CLI): opts, args = getopt.gnu_getopt(argv, 'i:v', [ 'instance=', 'pkcs12-file=', 'pkcs12-password=', 'pkcs12-password-file=', - 'append', 'verbose', 'debug', 'help']) + 'append', 'no-trust-flags', 'no-key', 'no-chain', + 'verbose', 'debug', 'help']) except getopt.GetoptError as e: print('ERROR: ' + str(e)) @@ -102,6 +106,9 @@ class InstanceCertExportCLI(pki.cli.CLI): pkcs12_password = None pkcs12_password_file = None append = False + include_trust_flags = True + include_key = True + include_chain = True debug = False for o, a in opts: @@ -120,6 +127,15 @@ class InstanceCertExportCLI(pki.cli.CLI): elif o == '--append': append = True + elif o == '--no-trust-flags': + include_trust_flags = False + + elif o == '--no-key': + include_key = False + + elif o == '--no-chain': + include_chain = False + elif o in ('-v', '--verbose'): self.set_verbose(True) @@ -154,6 +170,9 @@ class InstanceCertExportCLI(pki.cli.CLI): pkcs12_password_file=pkcs12_password_file, nicknames=nicknames, append=append, + include_trust_flags=include_trust_flags, + include_key=include_key, + include_chain=include_chain, debug=debug) finally: nssdb.close() diff --git a/base/server/python/pki/server/cli/subsystem.py b/base/server/python/pki/server/cli/subsystem.py index fe395aad6..03d48f926 100644 --- a/base/server/python/pki/server/cli/subsystem.py +++ b/base/server/python/pki/server/cli/subsystem.py @@ -465,6 +465,9 @@ class SubsystemCertExportCLI(pki.cli.CLI): print(' --pkcs12-password <password> Password for the PKCS #12 file.') print(' --pkcs12-password-file <path> Input file containing the password for the PKCS #12 file.') print(' --append Append into an existing PKCS #12 file.') + print(' --no-trust-flags Do not include trust flags') + print(' --no-key Do not include private key') + print(' --no-chain Do not include certificate chain') print(' -v, --verbose Run in verbose mode.') print(' --debug Run in debug mode.') print(' --help Show help message.') @@ -476,7 +479,8 @@ class SubsystemCertExportCLI(pki.cli.CLI): opts, args = getopt.gnu_getopt(argv, 'i:v', [ 'instance=', 'cert-file=', 'csr-file=', 'pkcs12-file=', 'pkcs12-password=', 'pkcs12-password-file=', - 'append', 'verbose', 'debug', 'help']) + 'append', 'no-trust-flags', 'no-key', 'no-chain', + 'verbose', 'debug', 'help']) except getopt.GetoptError as e: print('ERROR: ' + str(e)) @@ -497,6 +501,9 @@ class SubsystemCertExportCLI(pki.cli.CLI): pkcs12_password = None pkcs12_password_file = None append = False + include_trust_flags = True + include_key = True + include_chain = True debug = False for o, a in opts: @@ -521,6 +528,15 @@ class SubsystemCertExportCLI(pki.cli.CLI): elif o == '--append': append = True + elif o == '--no-trust-flags': + include_trust_flags = False + + elif o == '--no-key': + include_key = False + + elif o == '--no-chain': + include_chain = False + elif o in ('-v', '--verbose'): self.set_verbose(True) @@ -591,6 +607,9 @@ class SubsystemCertExportCLI(pki.cli.CLI): pkcs12_password_file=pkcs12_password_file, nicknames=nicknames, append=append, + include_trust_flags=include_trust_flags, + include_key=include_key, + include_chain=include_chain, debug=debug) finally: |