diff options
author | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-20 00:12:24 +0000 |
---|---|---|
committer | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-20 00:12:24 +0000 |
commit | 6169ee60eade7c6b7dee3cd4d7b71dfdb7e85c06 (patch) | |
tree | 35aa4d4ef87701718b4e6b5a46dc557d2a8832a6 /pki/base/ca/src/com/netscape/ca/CertificateAuthority.java | |
parent | 7e0e69b19ac1458b7643fc773fcf0ac891ac9221 (diff) | |
download | pki-6169ee60eade7c6b7dee3cd4d7b71dfdb7e85c06.tar.gz pki-6169ee60eade7c6b7dee3cd4d7b71dfdb7e85c06.tar.xz pki-6169ee60eade7c6b7dee3cd4d7b71dfdb7e85c06.zip |
Fixed bugzilla bug #531137.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1753 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ca/src/com/netscape/ca/CertificateAuthority.java')
-rw-r--r-- | pki/base/ca/src/com/netscape/ca/CertificateAuthority.java | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java b/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java index f361c0af2..49e88a5bb 100644 --- a/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java +++ b/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java @@ -649,7 +649,8 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori c.putBoolean("enable", enable); c.putString("enableCRLCache", "true"); c.putString("enableCRLUpdates", "true"); - c.putString("enableCacheRecovery", "false"); + c.putString("enableCacheTesting", "false"); + c.putString("enableCacheRecovery", "true"); c.putString("enableDailyUpdates", "false"); c.putString("enableUpdateInterval", "true"); c.putString("extendedNextUpdate", "true"); @@ -657,6 +658,7 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori c.putString("minUpdateInterval", "0"); c.putString("nextUpdateGracePeriod", "0"); c.putString("publishOnStart", "false"); + c.putString("saveMemory", "false"); c.putString("signingAlgorithm", "SHA256withRSA"); c.putString("updateSchema", "1"); @@ -896,10 +898,19 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori byte[] signature = mCRLSigningUnit.sign(tbsCertList, algname); - tmp.putBitString(signature); - out.write(DerValue.tag_Sequence, tmp); + if (crl.setSignature(signature)) { + tmp.putBitString(signature); + out.write(DerValue.tag_Sequence, tmp); - signedcrl = new X509CRLImpl(out.toByteArray()); + if (crl.setSignedCRL(out.toByteArray())) { + signedcrl = crl; + // signedcrl = new X509CRLImpl(out.toByteArray()); + } else { + CMS.debug("Failed to add signed-CRL to CRL object."); + } + } else { + CMS.debug("Failed to add signature to CRL object."); + } } catch (CRLException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_CA_CA_SIGN_CRL", e.toString(), e.getMessage())); throw new ECAException( |