diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-16 00:56:23 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-16 00:56:23 +0000 |
commit | 947f08749db7903faba6d0a533db760b45fa55bf (patch) | |
tree | 5b6dc030a6396e560e3a27eaccf0644308691a8f /pki/base/common/src/com/netscape/cms/servlet | |
parent | e2017998826b0db5f05e6c2909aee67b9166865f (diff) | |
download | pki-947f08749db7903faba6d0a533db760b45fa55bf.tar.gz pki-947f08749db7903faba6d0a533db760b45fa55bf.tar.xz pki-947f08749db7903faba6d0a533db760b45fa55bf.zip |
Bug 642359 - CC Feature - need to verify certificate when it is added
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1503 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index 79c20a614..445959157 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -85,6 +85,8 @@ public final class CMSAdminServlet extends AdminServlet { "LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC_3"; private final static String LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION = "LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION_2"; + private final static String LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION = + "LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION_3"; // CMS must be instantiated before this admin servlet. @@ -2287,6 +2289,7 @@ private void createMasterKey(HttpServletRequest req, } else { nickname = tokenName + ":" + newNickname; } + CMS.debug("CMSAdminServlet: installCert(): nickname="+nickname); } if (certType.equals(Constants.PR_CA_SIGNING_CERT)) { @@ -2404,6 +2407,26 @@ private void createMasterKey(HttpServletRequest req, modifyRADMCert(nickname); } + boolean verified = CMS.verifySystemCertByNickname(nickname, null); + if (verified == true) { + CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() succeeded:"+ nickname); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, + auditSubjectID, + ILogger.SUCCESS, + nickname); + + audit(auditMessage); + } else { + CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() failed:"+ nickname); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, + auditSubjectID, + ILogger.FAILURE, + nickname); + + audit(auditMessage); + } // store a message in the signed audit log file auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, @@ -3170,6 +3193,7 @@ private void createMasterKey(HttpServletRequest req, ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); jssSubSystem.setRootCertTrust(nickname, serialno, issuername, trust); + sendResponse(SUCCESS, null, null, resp); } |