Fix bugzilla Bug# 720510 - Console: Adding a certificate into nethsm throws Token not found error.

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2062 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2011-07-19 00:37:49 +0000
committer: jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2011-07-19 00:37:49 +0000
commit: 1d924c933024bc526dae36f158332c8c30385d9f (patch)
tree: 611d65dcaa312063907c6a85e637d84f240c92c8 /pki/base/common/src/com
parent: 56c140612731940690a1f5a6992977b3fed01cd6 (diff)
download: pki-1d924c933024bc526dae36f158332c8c30385d9f.tar.gz
pki-1d924c933024bc526dae36f158332c8c30385d9f.tar.xz
pki-1d924c933024bc526dae36f158332c8c30385d9f.zip
2 files changed, 39 insertions, 12 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
index 6c12c43b4..77ac6437e 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
@@ -2275,23 +2275,45 @@ private void 	createMasterKey(HttpServletRequest req,
             //		nickname).
             //
 
+            CMS.debug("CMSAdminServlet.installCert(): About to try jssSubSystem.importCert: "+ nicknameWithoutTokenName);
             try {
                 jssSubSystem.importCert(pkcs, nicknameWithoutTokenName, 
                     certType);
             } catch (EBaseException e) {
-                // if it fails, let use a different nickname to try
-                Date now = new Date();	
-                String newNickname = nicknameWithoutTokenName + "-" +
+
+                boolean certFound = false;
+
+                String eString = e.toString();
+                if(eString.contains("Failed to find certificate that was just imported")) {
+                    CMS.debug("CMSAdminServlet.installCert(): nickname="+nicknameWithoutTokenName + " TokenException: " + eString);
+
+                    X509Certificate cert = null;
+                    try {
+                        cert = CryptoManager.getInstance().findCertByNickname(nickname);
+                        if (cert != null) {
+                            certFound = true;
+                        }
+                        CMS.debug("CMSAdminServlet.installCert() Found cert just imported: " + nickname);
+                    } catch (Exception ex) {
+                        CMS.debug("CMSAdminServlet.installCert() Can't find cert just imported: " + ex.toString());
+                    }
+                } 
+
+                if (!certFound) {
+                    // if it fails, let use a different nickname to try
+                    Date now = new Date();	
+                    String newNickname = nicknameWithoutTokenName + "-" +
                                      now.getTime();
 
-                jssSubSystem.importCert(pkcs, newNickname, certType);
-                nicknameWithoutTokenName = newNickname;
-                if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) {
-                    nickname = newNickname;
-                } else {
-                    nickname = tokenName + ":" + newNickname;
-                }
-                CMS.debug("CMSAdminServlet: installCert(): nickname="+nickname);
+                    jssSubSystem.importCert(pkcs, newNickname, certType);
+                    nicknameWithoutTokenName = newNickname;
+                    if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) {
+                        nickname = newNickname;
+                    } else {
+                        nickname = tokenName + ":" + newNickname;
+                    }
+                    CMS.debug("CMSAdminServlet: installCert():  After second install attempt following initial error: nickname="+nickname);
+               }
             }
 
             if (certType.equals(Constants.PR_CA_SIGNING_CERT)) {
diff --git a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
index cf63a770b..13b08024a 100644
--- a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
@@ -848,8 +848,13 @@ public final class JssSubsystem implements ICryptoSubsystem {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString()));
             throw new EBaseException(CMS.getUserMessage("CMS_BASE_CRYPTOMANAGER_UNINITIALIZED"));
         } catch (TokenException e) {
+            String eString = e.toString();
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString()));
-            throw new EBaseException(CMS.getUserMessage("CMS_BASE_TOKEN_NOT_FOUND", ""));
+            if (eString.contains("Failed to find certificate that was just imported")) {
+                throw new EBaseException(eString);
+            } else {
+                throw new EBaseException(CMS.getUserMessage("CMS_BASE_TOKEN_NOT_FOUND", ""));
+            }
         } catch (UserCertConflictException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString()));
             throw new EBaseException(CMS.getUserMessage("CMS_BASE_USERCERT_CONFLICT"));
author	jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2011-07-19 00:37:49 +0000
committer	jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2011-07-19 00:37:49 +0000
commit	1d924c933024bc526dae36f158332c8c30385d9f (patch)
tree	611d65dcaa312063907c6a85e637d84f240c92c8 /pki/base/common/src/com
parent	56c140612731940690a1f5a6992977b3fed01cd6 (diff)
download	pki-1d924c933024bc526dae36f158332c8c30385d9f.tar.gz pki-1d924c933024bc526dae36f158332c8c30385d9f.tar.xz pki-1d924c933024bc526dae36f158332c8c30385d9f.zip