diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-07-08 05:29:03 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-08 06:59:43 +0200 |
| commit | 263adf41e84c63f51c10dbf8a310b3e8802b186d (patch) | |
| tree | a9cc891f470ea10b992b23387346253d234a2dd3 /base | |
| parent | 313561ca3270d0f08da95d4ca3bf6782ed32159d (diff) | |
| download | pki-263adf41e84c63f51c10dbf8a310b3e8802b186d.tar.gz pki-263adf41e84c63f51c10dbf8a310b3e8802b186d.tar.xz pki-263adf41e84c63f51c10dbf8a310b3e8802b186d.zip | |
Refactored SystemConfigService.processCert().
The code in SystemConfigService.processCert() that handles external
cert has been reorganized for clarity.
https://pagure.io/dogtagpki/issue/2280
Change-Id: Ia1800cc6560dce1757959bea9e352a2e6d30307e
Diffstat (limited to 'base')
| -rw-r--r-- | base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java | 37 |
1 files changed, 18 insertions, 19 deletions
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index b1dc22352..f726db6f1 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -483,13 +483,26 @@ public class SystemConfigService extends PKIService implements SystemConfigResou // update configuration for existing or externally-signed signing certificate String certStr = cs.getString("ca." + tag + ".cert" ); cert.setCert(certStr); - CMS.debug("SystemConfigService: certificate " + tag + ": " + certStr); + + CMS.debug("SystemConfigService: cert: " + certStr); ConfigurationUtils.updateConfig(cs, tag); - } else if (!request.getStepTwo()) { + CMS.debug("SystemConfigService: Loading cert request from CS.cfg"); + ConfigurationUtils.loadCertRequest(cs, tag, cert); + + CMS.debug("SystemConfigService: Loading cert " + tag); + ConfigurationUtils.loadCert(cs, cert); + + CMS.debug("SystemConfigService: External CA has signing cert"); + hasSigningCert.setValue(true); + return cert; + } + + if (!request.getStepTwo()) { ConfigurationUtils.configCert(null, null, null, cert); } else { + String subsystem = cs.getString("preop.cert." + tag + ".subsystem"); String certStr; @@ -505,24 +518,16 @@ public class SystemConfigService extends PKIService implements SystemConfigResou } cert.setCert(certStr); - CMS.debug("Step 2: certStr for '" + tag + "' is " + certStr); + CMS.debug("SystemConfigService: cert: " + certStr); } - if (request.isExternal() && tag.equals("signing")) { // external/existing CA - - CMS.debug("SystemConfigService: Loading cert request for " + tag + " cert"); - ConfigurationUtils.loadCertRequest(cs, tag, cert); - - CMS.debug("SystemConfigService: Loading cert " + tag); - ConfigurationUtils.loadCert(cs, cert); - - } else if (request.getStandAlone()) { + if (request.getStandAlone()) { // Handle Cert Requests for everything EXCEPT Stand-alone PKI (Step 2) if (!request.getStepTwo()) { // Stand-alone PKI (Step 1) ConfigurationUtils.generateCertRequest(cs, tag, cert); - CMS.debug("Stand-alone " + csType + " Admin CSR"); + CMS.debug("SystemConfigService: Standalone " + csType + " Admin CSR"); String adminSubjectDN = request.getAdminSubjectDN(); String certreqStr = request.getAdminCertRequest(); certreqStr = CryptoUtil.normalizeCertAndReq(certreqStr); @@ -536,12 +541,6 @@ public class SystemConfigService extends PKIService implements SystemConfigResou ConfigurationUtils.generateCertRequest(cs, tag, cert); } - if (request.isExternal() && tag.equals("signing")) { // external/existing CA - CMS.debug("SystemConfigService: External CA has signing cert"); - hasSigningCert.setValue(true); - return cert; - } - // to determine if we have the signing cert when using an external ca // this will only execute on a ca or stand-alone pki String b64 = certData.getCert(); |