summaryrefslogtreecommitdiffstats
path: root/base
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2012-11-02 16:44:47 -0400
committerAde Lee <alee@redhat.com>2012-11-04 22:13:21 -0500
commita80e994148a81914858f82b14af5fad90e12533d (patch)
tree4d82f4024ef55571053c2446a4b49cca86a1fd7b /base
parentdb9537d210a20b90115374e5b406db6c9658bc3a (diff)
downloadpki-a80e994148a81914858f82b14af5fad90e12533d.zip
pki-a80e994148a81914858f82b14af5fad90e12533d.tar.gz
pki-a80e994148a81914858f82b14af5fad90e12533d.tar.xz
Convert admin cert from ascii to binary before importing into certdb
Sometimes importing the ascii admin cert into th client certdb fails. The binary always appears to work though.
Diffstat (limited to 'base')
-rw-r--r--base/deploy/src/scriptlets/pkijython.py19
-rw-r--r--base/deploy/src/scriptlets/pkimessages.py1
2 files changed, 17 insertions, 3 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index 6f71cb8..4321e0a 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -581,11 +581,18 @@ class rest_client:
admin_cert_file = os.path.join(
master['pki_client_dir'],
master['pki_client_admin_cert'])
+ admin_cert_bin_file = admin_cert_file + ".der"
javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_SAVE +\
" " + "'" + admin_cert_file + "'")
FILE = open(admin_cert_file, "w")
FILE.write(admin_cert)
FILE.close()
+ # convert the cert file to binary
+ command = "AtoB "+ admin_cert_file + " " + admin_cert_bin_file
+ javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_ATOB +\
+ " " + "'" + command + "'")
+ os.system(command)
+
# Since Jython runs under Java, it does NOT support the
# following operating system specific command:
#
@@ -594,11 +601,18 @@ class rest_client:
# config.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS)
#
# Emulate it with a system call.
- command = "chmod" + " " + "660" + " " + admin_cert_file
+ command = "chmod" + " 660 " + admin_cert_file
javasystem.out.println(
log.PKI_JYTHON_CHMOD +\
" " + "'" + command + "'")
os.system(command)
+
+ command = "chmod" + " 660 " + admin_cert_bin_file
+ javasystem.out.println(
+ log.PKI_JYTHON_CHMOD +\
+ " " + "'" + command + "'")
+ os.system(command)
+
# Import the Administration Certificate
# into the client NSS security database
command = "certutil" + " " +\
@@ -613,9 +627,8 @@ class rest_client:
master['pki_client_password_conf'] + " " +\
"-d" + " " +\
master['pki_client_database_dir'] + " " +\
- "-a" + " " +\
"-i" + " " +\
- admin_cert_file
+ admin_cert_bin_file
javasystem.out.println(
log.PKI_JYTHON_ADMIN_CERT_IMPORT +\
" " + "'" + command + "'")
diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py
index cce2e8f..becbea6 100644
--- a/base/deploy/src/scriptlets/pkimessages.py
+++ b/base/deploy/src/scriptlets/pkimessages.py
@@ -282,6 +282,7 @@ PKI_JYTHON_ADMIN_CERT_EXPORT = "exporting Admin Certificate from "\
PKI_JYTHON_ADMIN_CERT_IMPORT = "importing Admin Certificate into "\
"NSS client security database:"
PKI_JYTHON_ADMIN_CERT_SAVE = "saving Admin Certificate to file:"
+PKI_JYTHON_ADMIN_CERT_ATOB = "converting Admin Certificate to binary:"
PKI_JYTHON_CDATA_TAG = "tag:"
PKI_JYTHON_CDATA_CERT = "cert:"
PKI_JYTHON_CDATA_REQUEST = "request:"