summaryrefslogtreecommitdiffstats
path: root/pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2011-12-08 21:15:59 -0500
committerAde Lee <alee@redhat.com>2011-12-08 21:15:59 -0500
commit171aaece4f23709d33d180cf36eb3af5e454b0c9 (patch)
tree1485f9f0a7bd10de4ff25030db575dbb8dafae74 /pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java
parentadad2fcee8a29fdb82376fbce07dedb11fccc182 (diff)
downloadpki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.gz
pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.xz
pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.zip
Revert "Formatting"
This reverts commit 32150d3ee32f8ac27118af7c792794b538c78a2f.
Diffstat (limited to 'pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java')
-rw-r--r--pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java1069
1 files changed, 441 insertions, 628 deletions
diff --git a/pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java b/pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java
index 9bcebea3c..337bf9275 100644
--- a/pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java
+++ b/pki/base/silent/src/com/netscape/pkisilent/ConfigureCA.java
@@ -1,5 +1,4 @@
package com.netscape.pkisilent;
-
// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
@@ -18,6 +17,7 @@ package com.netscape.pkisilent;
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
+
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
@@ -41,8 +41,10 @@ import com.netscape.pkisilent.common.ParseXML;
import com.netscape.pkisilent.http.HTTPClient;
import com.netscape.pkisilent.http.HTTPResponse;
+
public class ConfigureCA {
+
// global constants
public static final String DEFAULT_KEY_TYPE = "RSA";
public static final String DEFAULT_KEY_SIZE = "2048";
@@ -55,7 +57,7 @@ public class ConfigureCA {
// define global variables
public static HTTPClient hc = null;
-
+
public static String login_uri = "/ca/admin/console/config/login";
public static String wizard_uri = "/ca/admin/console/config/wizard";
public static String admin_uri = "/ca/admin/ca/getBySerial";
@@ -75,7 +77,7 @@ public class ConfigureCA {
public static String sd_admin_name = null;
public static String sd_admin_password = null;
- // Login Panel
+ // Login Panel
public static String pin = null;
public static String domain_name = null;
@@ -160,7 +162,7 @@ public class ConfigureCA {
public static String ca_audit_signing_cert_pp = null;
public static String ca_audit_signing_cert_cert = null;
- // names
+ // names
public static String ca_sign_cert_subject_name = null;
public static String ca_subsystem_cert_subject_name = null;
public static String ca_ocsp_cert_subject_name = null;
@@ -169,7 +171,7 @@ public class ConfigureCA {
public static String subsystem_name = null;
- public static String external_ca = null;
+ public static String external_ca= null;
public static String ext_ca_cert_file = null;
public static String ext_ca_cert_chain_file = null;
public static String ext_csr_file = null;
@@ -180,9 +182,10 @@ public class ConfigureCA {
public static String clone_p12_passwd = null;
public static String clone_p12_file = null;
- // for correct selection of CA to be cloned
+ //for correct selection of CA to be cloned
public static String urls;
+
public ConfigureCA() {// do nothing :)
}
@@ -201,35 +204,36 @@ public class ConfigureCA {
return status;
}
- public boolean checkStatus(HTTPResponse hr, String name, String expected,
- String location) {
- return checkStatus(hr, name, new String[] { expected }, location);
- }
+ public boolean checkStatus(HTTPResponse hr, String name,
+ String expected, String location) {
+ return checkStatus(hr,name, new String[] {expected}, location);
+ }
- public boolean checkStatus(HTTPResponse hr, String name, String[] expected,
- String location) {
+ public boolean checkStatus(HTTPResponse hr, String name,
+ String[] expected, String location) {
String status = getStatus(hr, name);
if (status == null) {
- System.out.println("Error in " + location + ": " + name
- + " value is null");
+ System.out.println("Error in " + location + ": " + name +
+ " value is null");
return false;
- }
- for (int i = 0; i < expected.length; i++) {
+ }
+ for (int i=0; i< expected.length; i++) {
if (status.equals(expected[i])) {
return true;
}
}
- System.out.println("Error in " + location + ": " + name + " returns "
- + status);
+ System.out.println("Error in " + location + ": " + name +
+ " returns " + status);
return false;
- }
+ }
+
public boolean LoginPanel() {
try {
boolean st = false;
HTTPResponse hr = null;
- String query_string = "pin=" + pin + "&xml=true";
+ String query_string = "pin=" + pin + "&xml=true";
hr = hc.sslConnect(cs_hostname, cs_port, login_uri, query_string);
System.out.println("xml returned: " + hr.getHTML());
@@ -246,8 +250,8 @@ public class ConfigureCA {
hr = null;
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- "p=0&op=next&xml=true");
- if (!checkStatus(hr, "status", "display", "LoginPanel()")) {
+ "p=0&op=next&xml=true");
+ if (! checkStatus(hr, "status", "display", "LoginPanel()")) {
return false;
}
@@ -268,40 +272,33 @@ public class ConfigureCA {
// Software Token
if (token_name.equalsIgnoreCase("internal")) {
query_string = "p=1" + "&op=next" + "&xml=true" + "&choice="
- + URLEncoder.encode("Internal Key Storage Token") + "";
- hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "TokenChoicePanel()")) {
+ + URLEncoder.encode("Internal Key Storage Token") + "";
+ hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "TokenChoicePanel()")) {
return false;
}
} // HSM
else {
// login to hsm first
query_string = "p=2" + "&op=next" + "&xml=true" + "&uTokName="
- + URLEncoder.encode(token_name) + "&__uPasswd="
- + URLEncoder.encode(token_pwd) + "";
- hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "TokenChoicePanel()")) {
+ + URLEncoder.encode(token_name) + "&__uPasswd="
+ + URLEncoder.encode(token_pwd) + "";
+ hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "TokenChoicePanel()")) {
return false;
}
-
+
// choice with token name now
query_string = "p=1" + "&op=next" + "&xml=true" + "&choice="
- + URLEncoder.encode(token_name) + "";
- hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "TokenChoicePanel()")) {
+ + URLEncoder.encode(token_name) + "";
+ hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "TokenChoicePanel()")) {
return false;
}
}
return true;
} catch (Exception e) {
- System.out.println("Exception in TokenChoicePanel(): "
- + e.toString());
+ System.out.println("Exception in TokenChoicePanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -313,20 +310,19 @@ public class ConfigureCA {
String domain_url = "https://" + cs_hostname + ":" + cs_port;
String query_string = null;
- if (!clone) {
+ if (! clone) {
query_string = "sdomainURL=" + URLEncoder.encode(domain_url)
- + "&sdomainName=" + URLEncoder.encode(domain_name)
- + "&choice=newdomain" + "&p=3" + "&op=next"
- + "&xml=true";
+ + "&sdomainName=" + URLEncoder.encode(domain_name)
+ + "&choice=newdomain" + "&p=3" + "&op=next" + "&xml=true";
} else {
- domain_url = "https://" + sd_hostname + ":" + sd_admin_port;
+ domain_url = "https://" + sd_hostname + ":" + sd_admin_port ;
query_string = "sdomainURL=" + URLEncoder.encode(domain_url)
- + "&sdomainName=" + "&choice=existingdomain" + "&p=3"
- + "&op=next" + "&xml=true";
+ + "&sdomainName="
+ + "&choice=existingdomain" + "&p=3" + "&op=next" + "&xml=true";
}
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "DomainPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "DomainPanel()")) {
return false;
}
@@ -342,11 +338,10 @@ public class ConfigureCA {
try {
HTTPResponse hr = null;
String query_string = "p=4" + "&op=next" + "&xml=true";
- hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
+ hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
return true;
} catch (Exception e) {
- System.out.println("Exception in DisplayCertChainPanel(): "
- + e.toString());
+ System.out.println("Exception in DisplayCertChainPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -357,83 +352,78 @@ public class ConfigureCA {
boolean st = false;
HTTPResponse hr = null;
- String subca_url = "https://" + cs_hostname + ":" + cs_port
- + "/ca/admin/console/config/wizard" + "?p=5&subsystem=CA";
+ String subca_url = "https://" + cs_hostname + ":" + cs_port +
+ "/ca/admin/console/config/wizard" + "?p=5&subsystem=CA" ;
String query_string = "url=" + URLEncoder.encode(subca_url);
- hr = hc.sslConnect(sd_hostname, sd_admin_port, sd_login_uri,
- query_string);
+ hr = hc.sslConnect(sd_hostname,sd_admin_port,sd_login_uri,query_string);
- String query_string_1 = "uid=" + sd_admin_name + "&pwd="
- + URLEncoder.encode(sd_admin_password) + "&url="
- + URLEncoder.encode(subca_url);
+ String query_string_1 = "uid=" + sd_admin_name + "&pwd=" + URLEncoder.encode(sd_admin_password) +
+ "&url=" + URLEncoder.encode(subca_url) ;
- hr = hc.sslConnect(sd_hostname, sd_admin_port, sd_get_cookie_uri,
- query_string_1);
+ hr = hc.sslConnect(sd_hostname,sd_admin_port,sd_get_cookie_uri,
+ query_string_1);
// get session id from security domain
-
+
String subca_session_id = hr.getContentValue("header.session_id");
String subca_url_1 = hr.getContentValue("header.url");
-
- System.out.println("SUBCA_SESSION_ID=" + subca_session_id);
- System.out.println("SUBCA_URL=" + subca_url_1);
+
+ System.out.println("SUBCA_SESSION_ID=" + subca_session_id );
+ System.out.println("SUBCA_URL=" + subca_url_1 );
// use session id to connect back to subCA
- String query_string_2 = "p=5" + "&subsystem=CA" + "&session_id="
- + subca_session_id + "&xml=true";
-
- hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string_2);
+ String query_string_2 = "p=5" + "&subsystem=CA" +
+ "&session_id=" + subca_session_id + "&xml=true" ;
+
+ hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri, query_string_2);
urls = hr.getHTML();
int indx = urls.indexOf(clone_uri);
if (indx < 0) {
throw new Exception("Invalid clone_uri");
}
- urls = urls.substring(urls.lastIndexOf("<option", indx), indx);
+ urls = urls.substring(urls.lastIndexOf("<option" , indx), indx);
urls = urls.split("\"")[1];
System.out.println("urls =" + urls);
- return true;
+ return true;
} catch (Exception e) {
- System.out.println("Exception in SecurityDomainLoginPanel(): "
- + e.toString());
+ System.out.println("Exception in SecurityDomainLoginPanel(): " + e.toString());
e.printStackTrace();
return false;
}
}
public boolean CreateCAPanel() {
- try {
+ try {
boolean st = false;
HTTPResponse hr = null;
String query_string = null;
if (!clone) {
query_string = "p=5" + "&op=next" + "&xml=true"
- + "&choice=newsubsystem" + "&subsystemName="
- + URLEncoder.encode(subsystem_name);
+ + "&choice=newsubsystem" + "&subsystemName="
+ + URLEncoder.encode(subsystem_name);
} else {
query_string = "p=5" + "&op=next" + "&xml=true"
- + "&choice=clonesubsystem" + "&subsystemName="
- + URLEncoder.encode(subsystem_name) + "&urls=" + urls
- + "";
+ + "&choice=clonesubsystem" + "&subsystemName="
+ + URLEncoder.encode(subsystem_name)
+ + "&urls=" + urls + "";
}
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "CreateCAPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "CreateCAPanel()")) {
return false;
}
if (clone) {
hr = null;
- query_string = "p=6" + "&op=next" + "&xml=true";
- hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "CreateCAPanel(2)")) {
+ query_string = "p=6" + "&op=next" + "&xml=true";
+ hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string);
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "CreateCAPanel(2)")) {
return false;
}
}
@@ -450,44 +440,42 @@ public class ConfigureCA {
try {
HTTPResponse hr = null;
- String query_string = "p=7" + "&op=next" + "&xml=true"
- + "&__password=" + URLEncoder.encode(clone_p12_passwd)
- + "&path=" + URLEncoder.encode(clone_p12_file) + "";
+ String query_string = "p=7" + "&op=next" + "&xml=true"
+ + "&__password=" + URLEncoder.encode(clone_p12_passwd)
+ + "&path=" + URLEncoder.encode(clone_p12_file) + "";
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "RestoreKeyCertPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "RestoreKeyCertPanel()")) {
return false;
}
return true;
} catch (Exception e) {
- System.out.println("Exception in RestoreKeyCertPanel(): "
- + e.toString());
+ System.out.println("Exception in RestoreKeyCertPanel(): " + e.toString());
e.printStackTrace();
return false;
}
}
+
public boolean HierarchyPanel() {
- try {
+ try {
boolean st = false;
HTTPResponse hr = null;
- String query_string = "p=8" + "&op=next" + "&xml=true";
- if (external_ca.equalsIgnoreCase("true"))
+ String query_string = "p=8" + "&op=next" + "&xml=true" ;
+ if (external_ca.equalsIgnoreCase("true"))
query_string += "&choice=join";
else
- query_string += "&choice=root";
+ query_string += "&choice=root";
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "HierarchyPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "HierarchyPanel()")) {
return false;
}
return true;
} catch (Exception e) {
- System.out
- .println("Exception in HierarchyPanel(): " + e.toString());
+ System.out.println("Exception in HierarchyPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -499,38 +487,26 @@ public class ConfigureCA {
boolean st = false;
HTTPResponse hr = null;
- String query_string = "p=9"
- + "&op=next"
- + "&xml=true"
- + "&host="
- + URLEncoder.encode(ldap_host)
- + "&port="
- + URLEncoder.encode(ldap_port)
- + "&binddn="
- + URLEncoder.encode(bind_dn)
- + "&__bindpwd="
- + URLEncoder.encode(bind_password)
- + "&basedn="
- + URLEncoder.encode(base_dn)
- + "&database="
- + URLEncoder.encode(db_name)
- + "&display="
- + URLEncoder.encode("$displayStr")
- + (secure_conn.equals("true") ? "&secureConn=on" : "")
- + (clone_start_tls.equals("true") ? "&cloneStartTLS=on"
- : "")
- + (remove_data.equals("true") ? "&removeData=true" : "");
+ String query_string = "p=9" + "&op=next" + "&xml=true" + "&host="
+ + URLEncoder.encode(ldap_host) + "&port="
+ + URLEncoder.encode(ldap_port) + "&binddn="
+ + URLEncoder.encode(bind_dn) + "&__bindpwd="
+ + URLEncoder.encode(bind_password) + "&basedn="
+ + URLEncoder.encode(base_dn) + "&database="
+ + URLEncoder.encode(db_name) + "&display="
+ + URLEncoder.encode("$displayStr")
+ + (secure_conn.equals("true")? "&secureConn=on": "")
+ + (clone_start_tls.equals("true")? "&cloneStartTLS=on": "")
+ + (remove_data.equals("true")? "&removeData=true": "");
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "LdapConnectionPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "LdapConnectionPanel()")) {
return false;
}
return true;
} catch (Exception e) {
- System.out.println("Exception in LdapConnectionPanel(): "
- + e.toString());
+ System.out.println("Exception in LdapConnectionPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -545,70 +521,48 @@ public class ConfigureCA {
ArrayList<String> al = null;
String query_string = null;
if (clone) {
- query_string = "p=10" + "&op=next" + "&xml=true"
- + "&sslserver_custom_size=" + sslserver_key_size
- + "&sslserver_custom_curvename="
- + sslserver_key_curvename + "&sslserver_choice=custom"
- + "&sslserver_keytype=" + sslserver_key_type
- + "&choice=custom" + "&keytype=" + key_type
- + "&custom_size=" + key_size;
+ query_string = "p=10" + "&op=next" + "&xml=true"
+ + "&sslserver_custom_size=" + sslserver_key_size
+ + "&sslserver_custom_curvename=" + sslserver_key_curvename
+ + "&sslserver_choice=custom"
+ + "&sslserver_keytype=" + sslserver_key_type
+ + "&choice=custom" + "&keytype=" + key_type
+ + "&custom_size=" + key_size;
} else {
query_string = "p=10" + "&op=next" + "&xml=true"
- + "&subsystem_custom_size="
- + subsystem_key_size
- + "&subsystem_custom_curvename="
- + subsystem_key_curvename
- + "&subsystem_keytype="
- + subsystem_key_type
- + "&subsystem_choice=custom"
- + "&sslserver_custom_size="
- + sslserver_key_size
- + "&sslserver_custom_curvename="
- + sslserver_key_curvename
- + "&sslserver_keytype="
- + sslserver_key_type
- + "&sslserver_choice=custom"
- + "&signing_custom_size="
- + signing_key_size
- + "&signing_custom_curvename="
- + signing_key_curvename
- + "&signing_keytype="
- + signing_key_type
- + "&signing_choice=custom"
- + "&signing_keyalgorithm="
- + key_algorithm
- + "&signing_signingalgorithm="
- + signing_signingalgorithm
- + "&ocsp_signing_custom_size="
- + ocsp_signing_key_size
- + "&ocsp_signing_custom_curvename="
- + ocsp_signing_key_curvename
- + "&ocsp_signing_keytype="
- + ocsp_signing_key_type
- + "&ocsp_signing_choice=custom"
- + "&ocsp_signing_signingalgorithm="
- + ocsp_signing_signingalgorithm
- + "&audit_signing_custom_size="
- + audit_signing_key_size
- + "&audit_signing_custom_curvename="
- + audit_signing_key_curvename
- + "&audit_signing_keytype="
- + audit_signing_key_type
- + "&audit_signing_choice=custom"
- + "&custom_size="
- + key_size
- + "&custom_curvename="
- + key_curvename
- + "&keytype="
- + key_type
- + "&choice=custom"
- + "&signingalgorithm="
- + signing_algorithm
- + "&keyalgorithm=" + key_algorithm;
+ + "&subsystem_custom_size=" + subsystem_key_size
+ + "&subsystem_custom_curvename=" + subsystem_key_curvename
+ + "&subsystem_keytype=" + subsystem_key_type
+ + "&subsystem_choice=custom"
+ + "&sslserver_custom_size=" + sslserver_key_size
+ + "&sslserver_custom_curvename=" + sslserver_key_curvename
+ + "&sslserver_keytype=" + sslserver_key_type
+ + "&sslserver_choice=custom"
+ + "&signing_custom_size=" + signing_key_size
+ + "&signing_custom_curvename=" + signing_key_curvename
+ + "&signing_keytype=" + signing_key_type
+ + "&signing_choice=custom"
+ + "&signing_keyalgorithm=" + key_algorithm
+ + "&signing_signingalgorithm=" + signing_signingalgorithm
+ + "&ocsp_signing_custom_size=" + ocsp_signing_key_size
+ + "&ocsp_signing_custom_curvename=" + ocsp_signing_key_curvename
+ + "&ocsp_signing_keytype=" + ocsp_signing_key_type
+ + "&ocsp_signing_choice=custom"
+ + "&ocsp_signing_signingalgorithm=" + ocsp_signing_signingalgorithm
+ + "&audit_signing_custom_size=" + audit_signing_key_size
+ + "&audit_signing_custom_curvename=" + audit_signing_key_curvename
+ + "&audit_signing_keytype=" + audit_signing_key_type
+ + "&audit_signing_choice=custom"
+ + "&custom_size=" + key_size
+ + "&custom_curvename=" + key_curvename
+ + "&keytype=" + key_type
+ + "&choice=custom"
+ + "&signingalgorithm=" + signing_algorithm
+ + "&keyalgorithm=" + key_algorithm;
}
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "KeyPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "KeyPanel()")) {
return false;
}
@@ -620,7 +574,7 @@ public class ConfigureCA {
// get ca cert subject name
if (al != null) {
for (int i = 0; i < al.size(); i++) {
- String temp = al.get(i);
+ String temp = al.get(i);
if (temp.indexOf("Certificate Authority") > 0) {
ca_cert_name = temp;
@@ -635,13 +589,13 @@ public class ConfigureCA {
}
}
}
-
+
System.out.println("default: ca_cert_name=" + ca_cert_name);
System.out.println("default: ocsp_cert_name=" + ocsp_cert_name);
- System.out.println("default: ca_subsystem_cert_name="
- + ca_subsystem_cert_name);
- System.out.println("default: ca_audit_signing_cert_name="
- + ca_audit_signing_cert_name);
+ System.out.println(
+ "default: ca_subsystem_cert_name=" + ca_subsystem_cert_name);
+ System.out.println(
+ "default: ca_audit_signing_cert_name=" + ca_audit_signing_cert_name);
System.out.println("default: server_cert_name=" + server_cert_name);
return true;
} catch (Exception e) {
@@ -665,33 +619,28 @@ public class ConfigureCA {
// use subject names provided as input
if (!clone) {
- query_string = "p=11" + "&op=next" + "&xml=true"
- + "&subsystem="
- + URLEncoder.encode(ca_subsystem_cert_subject_name)
- + "&ocsp_signing="
- + URLEncoder.encode(ca_ocsp_cert_subject_name)
- + "&signing="
- + URLEncoder.encode(ca_sign_cert_subject_name)
- + "&sslserver="
- + URLEncoder.encode(ca_server_cert_subject_name)
- + "&audit_signing="
- + URLEncoder.encode(ca_audit_signing_cert_subject_name)
- + "&urls=0" + "";
+ query_string = "p=11" + "&op=next" + "&xml=true" + "&subsystem="
+ + URLEncoder.encode(ca_subsystem_cert_subject_name)
+ + "&ocsp_signing="
+ + URLEncoder.encode(ca_ocsp_cert_subject_name) + "&signing="
+ + URLEncoder.encode(ca_sign_cert_subject_name) + "&sslserver="
+ + URLEncoder.encode(ca_server_cert_subject_name) + "&audit_signing="
+ + URLEncoder.encode(ca_audit_signing_cert_subject_name) + "&urls=0"
+ + "";
} else {
- query_string = "p=11" + "&op=next" + "&xml=true"
- + "&sslserver="
- + URLEncoder.encode(ca_server_cert_subject_name)
- + "&urls=0" + "";
- }
+ query_string = "p=11" + "&op=next" + "&xml=true" + "&sslserver="
+ + URLEncoder.encode(ca_server_cert_subject_name) + "&urls=0"
+ + "";
+ }
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "CertSubjectPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "CertSubjectPanel()")) {
return false;
}
bais = new ByteArrayInputStream(hr.getHTML().getBytes());
px.parse(bais);
-
+
req_list = px.constructValueList("CertReqPair", "Request");
cert_list = px.constructValueList("CertReqPair", "Certificate");
dn_list = px.constructValueList("CertReqPair", "Nickname");
@@ -703,50 +652,47 @@ public class ConfigureCA {
if (external_ca.equalsIgnoreCase("true")) {
if ((req_list != null) && (dn_list != null)) {
for (int i = 0; i < dn_list.size(); i++) {
- String temp = dn_list.get(i);
+ String temp = dn_list.get(i);
if (temp.indexOf("caSigningCert") >= 0) {
- ca_cert_req = req_list.get(i);
+ ca_cert_req = req_list.get(i);
}
}
}
if (ext_ca_cert_file == null) {
- try {
- FileOutputStream fos = new FileOutputStream(
- ext_csr_file);
- PrintStream p = new PrintStream(fos);
+ try {
+ FileOutputStream fos = new FileOutputStream(ext_csr_file);
+ PrintStream p = new PrintStream( fos );
p.println(ca_cert_req);
p.close();
return true;
} catch (Exception e) {
- System.out
- .println("CertSubjectPanel: Unable to write CSR for external CA to "
- + ext_csr_file);
+ System.out.println("CertSubjectPanel: Unable to write CSR for external CA to "+ ext_csr_file);
System.out.println(e.toString());
- return false;
- }
- } else {
- try {
+ return false;
+ }
+ }
+ else {
+ try {
ca_cert_cert = "";
- FileInputStream fis = new FileInputStream(
- ext_ca_cert_file);
+ FileInputStream fis = new FileInputStream(ext_ca_cert_file);
DataInputStream in = new DataInputStream(fis);
- while (in.available() != 0) {
+ while (in.available() !=0) {
ca_cert_cert += in.readLine();
}
in.close();
-
+
signing_cc = "";
fis = new FileInputStream(ext_ca_cert_chain_file);
in = new DataInputStream(fis);
- while (in.available() != 0) {
+ while (in.available() !=0) {
signing_cc += in.readLine();
}
in.close();
return true;
- } catch (Exception e) {
- System.out
- .println("CertSubjectPanel: Unable to read in external approved CA cert or certificate chain.");
+ }
+ catch (Exception e) {
+ System.out.println("CertSubjectPanel: Unable to read in external approved CA cert or certificate chain.");
System.out.println(e.toString());
return false;
}
@@ -755,59 +701,52 @@ public class ConfigureCA {
if (req_list != null && cert_list != null && dn_list != null) {
for (int i = 0; i < dn_list.size(); i++) {
- String temp = dn_list.get(i);
-
+ String temp = dn_list.get(i);
+
if (temp.indexOf("caSigningCert") >= 0) {
- ca_cert_req = req_list.get(i);
- ca_cert_cert = cert_list.get(i);
+ ca_cert_req = req_list.get(i);
+ ca_cert_cert = cert_list.get(i);
} else if (temp.indexOf("ocspSigningCert") >= 0) {
- ocsp_cert_req = req_list.get(i);
- ocsp_cert_cert = cert_list.get(i);
+ ocsp_cert_req = req_list.get(i);
+ ocsp_cert_cert = cert_list.get(i);
} else if (temp.indexOf("subsystemCert") >= 0) {
- ca_subsystem_cert_req = req_list.get(i);
- ca_subsystem_cert_cert = cert_list.get(i);
- } else if (temp.indexOf("auditSigningCert") >= 0) {
- ca_audit_signing_cert_req = req_list.get(i);
- ca_audit_signing_cert_cert = cert_list.get(i);
+ ca_subsystem_cert_req = req_list.get(i);
+ ca_subsystem_cert_cert = cert_list.get(i);
+ } else if (temp.indexOf("auditSigningCert") >=0) {
+ ca_audit_signing_cert_req = req_list.get(i);
+ ca_audit_signing_cert_cert = cert_list.get(i);
} else {
- server_cert_req = req_list.get(i);
- server_cert_cert = cert_list.get(i);
+ server_cert_req = req_list.get(i);
+ server_cert_cert = cert_list.get(i);
}
}
}
-
- // print out subject names
+
+ // print out subject names
System.out.println("ca_cert_name=" + ca_sign_cert_subject_name);
System.out.println("ocsp_cert_name=" + ca_ocsp_cert_subject_name);
- System.out.println("ca_subsystem_cert_name="
- + ca_subsystem_cert_subject_name);
- System.out.println("server_cert_name="
- + ca_server_cert_subject_name);
- System.out.println("audit_signing_cert_name="
- + ca_audit_signing_cert_subject_name);
+ System.out.println(
+ "ca_subsystem_cert_name=" + ca_subsystem_cert_subject_name);
+ System.out.println("server_cert_name=" + ca_server_cert_subject_name);
+ System.out.println("audit_signing_cert_name=" + ca_audit_signing_cert_subject_name);
// print out requests
System.out.println("ca_cert_req=" + ca_cert_req);
System.out.println("ocsp_cert_req=" + ocsp_cert_req);
- System.out
- .println("ca_subsystem_cert_req=" + ca_subsystem_cert_req);
+ System.out.println("ca_subsystem_cert_req=" + ca_subsystem_cert_req);
System.out.println("server_cert_req=" + server_cert_req);
- System.out.println("ca_audit_siging_cert_req="
- + ca_audit_signing_cert_req);
+ System.out.println("ca_audit_siging_cert_req=" + ca_audit_signing_cert_req);
// print out certs
System.out.println("ca_cert_cert=" + ca_cert_cert);
System.out.println("ocsp_cert_cert=" + ocsp_cert_cert);
- System.out.println("ca_subsystem_cert_cert="
- + ca_subsystem_cert_cert);
+ System.out.println("ca_subsystem_cert_cert=" + ca_subsystem_cert_cert);
System.out.println("server_cert_cert=" + server_cert_cert);
- System.out.println("ca_audit_signing_cert_cert="
- + ca_audit_signing_cert_cert);
+ System.out.println("ca_audit_signing_cert_cert=" + ca_audit_signing_cert_cert);
return true;
} catch (Exception e) {
- System.out.println("Exception in CertSubjectPanel(): "
- + e.toString());
+ System.out.println("Exception in CertSubjectPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -819,26 +758,24 @@ public class ConfigureCA {
boolean st = false;
HTTPResponse hr = null;
- String query_string = "p=12" + "&op=next" + "&xml=true"
- + "&subsystem=" + URLEncoder.encode(ca_subsystem_cert_cert)
- + "&subsystem_cc=" + "&ocsp_signing="
- + URLEncoder.encode(ocsp_cert_cert) + "&ocsp_signing_cc="
- + "&signing=" + URLEncoder.encode(ca_cert_cert)
- + "&signing_cc=" + "&audit_signing="
- + URLEncoder.encode(ca_audit_signing_cert_cert)
- + "&audit_signing_cc=" + "&sslserver="
- + URLEncoder.encode(server_cert_cert) + "&sslserver_cc="
- + "";
+ String query_string = "p=12" + "&op=next" + "&xml=true" + "&subsystem="
+ + URLEncoder.encode(ca_subsystem_cert_cert) + "&subsystem_cc="
+ + "&ocsp_signing=" + URLEncoder.encode(ocsp_cert_cert)
+ + "&ocsp_signing_cc=" + "&signing="
+ + URLEncoder.encode(ca_cert_cert) + "&signing_cc="
+ + "&audit_signing=" + URLEncoder.encode(ca_audit_signing_cert_cert)
+ + "&audit_signing_cc="
+ + "&sslserver=" + URLEncoder.encode(server_cert_cert)
+ + "&sslserver_cc=" + "";
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "CertificatePanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "CertificatePanel()")) {
return false;
}
return true;
} catch (Exception e) {
- System.out.println("Exception in CertificatePanel(): "
- + e.toString());
+ System.out.println("Exception in CertificatePanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -857,19 +794,19 @@ public class ConfigureCA {
ArrayList<String> pp_list = null;
String genString = "...certificate be generated internally...";
- String query_string = "p=12" + "&op=apply" + "&xml=true"
- + "&subsystem=" + URLEncoder.encode(genString)
- + "&subsystem_cc=" + "&ocsp_signing="
- + URLEncoder.encode(genString) + "&ocsp_signing_cc="
- + "&signing=" + URLEncoder.encode(ca_cert_cert)
- + "&signing_cc=" + URLEncoder.encode(signing_cc)
- + "&audit_signing=" + URLEncoder.encode(genString)
- + "&audit_signing_cc=" + "&sslserver="
- + URLEncoder.encode(genString) + "&sslserver_cc=" + "";
+ String query_string = "p=12" + "&op=apply" + "&xml=true" + "&subsystem="
+ + URLEncoder.encode(genString) + "&subsystem_cc="
+ + "&ocsp_signing=" + URLEncoder.encode(genString)
+ + "&ocsp_signing_cc=" + "&signing="
+ + URLEncoder.encode(ca_cert_cert) + "&signing_cc="
+ + URLEncoder.encode(signing_cc)
+ + "&audit_signing=" + URLEncoder.encode(genString)
+ + "&audit_signing_cc="
+ + "&sslserver=" + URLEncoder.encode(genString)
+ + "&sslserver_cc=" + "";
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "CertificatePanelExternal()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "CertificatePanelExternal()")) {
return false;
}
@@ -887,23 +824,23 @@ public class ConfigureCA {
if (req_list != null && cert_list != null && dn_list != null) {
for (int i = 0; i < dn_list.size(); i++) {
- String temp = dn_list.get(i);
+ String temp = dn_list.get(i);
if (temp.indexOf("caSigningCert") >= 0) {
- ca_cert_req = req_list.get(i);
- ca_cert_cert = cert_list.get(i);
+ ca_cert_req = req_list.get(i);
+ ca_cert_cert = cert_list.get(i);
} else if (temp.indexOf("ocspSigningCert") >= 0) {
- ocsp_cert_req = req_list.get(i);
- ocsp_cert_cert = cert_list.get(i);
+ ocsp_cert_req = req_list.get(i);
+ ocsp_cert_cert = cert_list.get(i);
} else if (temp.indexOf("subsystemCert") >= 0) {
- ca_subsystem_cert_req = req_list.get(i);
- ca_subsystem_cert_cert = cert_list.get(i);
+ ca_subsystem_cert_req = req_list.get(i);
+ ca_subsystem_cert_cert = cert_list.get(i);
} else if (temp.indexOf("auditSigningCert") >= 0) {
- ca_audit_signing_cert_req = req_list.get(i);
- ca_audit_signing_cert_cert = cert_list.get(i);
+ ca_audit_signing_cert_req = req_list.get(i);
+ ca_audit_signing_cert_cert = cert_list.get(i);
} else {
- server_cert_req = req_list.get(i);
- server_cert_cert = cert_list.get(i);
+ server_cert_req = req_list.get(i);
+ server_cert_cert = cert_list.get(i);
}
}
}
@@ -911,35 +848,29 @@ public class ConfigureCA {
// print out subject name
System.out.println("ca_cert_name=" + ca_sign_cert_subject_name);
System.out.println("ocsp_cert_name=" + ca_ocsp_cert_subject_name);
- System.out.println("ca_subsystem_cert_name="
- + ca_subsystem_cert_subject_name);
- System.out.println("server_cert_name="
- + ca_server_cert_subject_name);
- System.out.println("ca_audit_signing_cert_name="
- + ca_audit_signing_cert_subject_name);
+ System.out.println(
+ "ca_subsystem_cert_name=" + ca_subsystem_cert_subject_name);
+ System.out.println("server_cert_name=" + ca_server_cert_subject_name);
+ System.out.println(
+ "ca_audit_signing_cert_name=" + ca_audit_signing_cert_subject_name);
// print out requests
System.out.println("ca_cert_req=" + ca_cert_req);
System.out.println("ocsp_cert_req=" + ocsp_cert_req);
- System.out
- .println("ca_subsystem_cert_req=" + ca_subsystem_cert_req);
+ System.out.println("ca_subsystem_cert_req=" + ca_subsystem_cert_req);
System.out.println("server_cert_req=" + server_cert_req);
- System.out.println("ca_audit_signing_cert_req="
- + ca_audit_signing_cert_req);
+ System.out.println("ca_audit_signing_cert_req=" + ca_audit_signing_cert_req);
// print out certs
System.out.println("ca_cert_cert=" + ca_cert_cert);
System.out.println("ocsp_cert_cert=" + ocsp_cert_cert);
- System.out.println("ca_subsystem_cert_cert="
- + ca_subsystem_cert_cert);
+ System.out.println("ca_subsystem_cert_cert=" + ca_subsystem_cert_cert);
System.out.println("server_cert_cert=" + server_cert_cert);
- System.out.println("ca_audit_signing_cert_cert="
- + ca_audit_signing_cert_cert);
+ System.out.println("ca_audit_signing_cert_cert=" + ca_audit_signing_cert_cert);
return true;
} catch (Exception e) {
- System.out.println("Exception in CertificatePanelExternal(): "
- + e.toString());
+ System.out.println("Exception in CertificatePanelExternal(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -953,20 +884,17 @@ public class ConfigureCA {
if (save_p12.equalsIgnoreCase("true")) {
String query_string = "p=13" + "&op=next" + "&xml=true"
- + "&choice=backupkey" + "&__pwd="
- + URLEncoder.encode(backup_pwd) + "&__pwdagain="
- + URLEncoder.encode(backup_pwd);
+ + "&choice=backupkey" + "&__pwd=" + URLEncoder.encode(backup_pwd)
+ + "&__pwdagain=" + URLEncoder.encode(backup_pwd);
- hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "BackupPanel()")) {
+ hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "BackupPanel()")) {
return false;
}
- query_string = "";
+ query_string = "";
- hr = hc.sslConnect(cs_hostname, cs_port, pkcs12_uri,
- query_string);
+ hr = hc.sslConnect(cs_hostname, cs_port, pkcs12_uri, query_string);
// dump hr.getResponseData() to file
@@ -977,22 +905,20 @@ public class ConfigureCA {
fos.close();
// set file to permissions 600
- String rtParams[] = { "chmod", "600", backup_fname };
+ String rtParams[] = { "chmod","600", backup_fname};
Process proc = Runtime.getRuntime().exec(rtParams);
- BufferedReader br = new BufferedReader(
- new InputStreamReader(proc.getErrorStream()));
+ BufferedReader br = new BufferedReader(new InputStreamReader(proc.getErrorStream()));
String line = null;
- while ((line = br.readLine()) != null)
- System.out.println("Error: " + line);
+ while ( (line = br.readLine()) != null)
+ System.out.println("Error: " + line);
int exitVal = proc.waitFor();
// verify p12 file
// Decode the P12 file
FileInputStream fis = new FileInputStream(backup_fname);
PFX.Template pfxt = new PFX.Template();
- PFX pfx = (PFX) pfxt.decode(new BufferedInputStream(fis,
- 2048));
+ PFX pfx = (PFX) pfxt.decode(new BufferedInputStream(fis, 2048));
System.out.println("Decoded PFX");
@@ -1001,8 +927,8 @@ public class ConfigureCA {
AuthenticatedSafes authSafes = pfx.getAuthSafes();
SEQUENCE asSeq = authSafes.getSequence();
- System.out.println("AuthSafes has " + asSeq.size()
- + " SafeContents");
+ System.out.println(
+ "AuthSafes has " + asSeq.size() + " SafeContents");
fis.close();
} catch (Exception e) {
@@ -1024,16 +950,14 @@ public class ConfigureCA {
HTTPResponse hr = null;
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- "p=14&op=next&xml=true");
- if (!checkStatus(hr, "updateStatus", SUCCESS,
- "BackupContinuePanel()")) {
+ "p=14&op=next&xml=true");
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "BackupContinuePanel()")) {
return false;
}
- return true;
+ return true;
} catch (Exception e) {
- System.out.println("Exception in BackupContinuePanel(): "
- + e.toString());
+ System.out.println("Exception in BackupContinuePanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -1044,15 +968,14 @@ public class ConfigureCA {
HTTPResponse hr = null;
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri,
- "p=15&op=next&xml=true");
- if (!checkStatus(hr, "updateStatus", SUCCESS, "ImportCACertPanel()")) {
+ "p=15&op=next&xml=true");
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "ImportCACertPanel()")) {
return false;
}
- return true;
+ return true;
} catch (Exception e) {
- System.out.println("Exception in ImportCACertPanel(): "
- + e.toString());
+ System.out.println("Exception in ImportCACertPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -1066,9 +989,8 @@ public class ConfigureCA {
ParseXML px = new ParseXML();
String admin_cert_request = null;
- ComCrypto cCrypt = new ComCrypto(client_certdb_dir,
- client_certdb_pwd, agent_cert_subject, agent_key_size,
- agent_key_type);
+ ComCrypto cCrypt = new ComCrypto(client_certdb_dir, client_certdb_pwd,
+ agent_cert_subject, agent_key_size, agent_key_type);
cCrypt.setDebug(true);
cCrypt.setGenerateRequest(true);
@@ -1079,41 +1001,37 @@ public class ConfigureCA {
String crmf_request = cCrypt.generateCRMFrequest();
if (crmf_request == null) {
- System.out
- .println("ERROR: AdminCertReqPanel() cert req gen failed");
+ System.out.println("ERROR: AdminCertReqPanel() cert req gen failed");
return false;
}
admin_cert_request = crmf_request;
String query_string = "p=16" + "&op=next" + "&xml=true"
- + "&cert_request_type=" + "crmf" + "&uid=" + admin_user
- + "&name=" + admin_user + "&__pwd="
- + URLEncoder.encode(admin_password)
- + "&__admin_password_again="
- + URLEncoder.encode(admin_password) + "&profileId="
- + "caAdminCert" + "&email="
- + URLEncoder.encode(admin_email) + "&cert_request="
- + URLEncoder.encode(admin_cert_request) + "&subject="
- + URLEncoder.encode(agent_cert_subject) + "&clone=new"
- + "&import=true" + "&securitydomain="
- + URLEncoder.encode(domain_name) + "";
+ + "&cert_request_type=" + "crmf" + "&uid=" + admin_user
+ + "&name=" + admin_user + "&__pwd=" + URLEncoder.encode(admin_password)
+ + "&__admin_password_again=" + URLEncoder.encode(admin_password) + "&profileId="
+ + "caAdminCert" + "&email=" + URLEncoder.encode(admin_email)
+ + "&cert_request=" + URLEncoder.encode(admin_cert_request)
+ + "&subject=" + URLEncoder.encode(agent_cert_subject)
+ + "&clone=new"
+ + "&import=true" + "&securitydomain="
+ + URLEncoder.encode(domain_name) + "";
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "AdminCertReqPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "AdminCertReqPanel()")) {
return false;
}
// parse xml
bais = new ByteArrayInputStream(hr.getHTML().getBytes());
px.parse(bais);
-
+
admin_serial_number = px.getvalue("serialNumber");
return true;
} catch (Exception e) {
- System.out.println("Exception in AdminCertReqPanel(): "
- + e.toString());
+ System.out.println("Exception in AdminCertReqPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -1127,15 +1045,15 @@ public class ConfigureCA {
String cert_to_import = null;
String query_string = "&serialNumber=" + admin_serial_number
- + "&importCert=true" + "";
+ + "&importCert=true" + "";
hr = hc.sslConnect(cs_hostname, cs_port, admin_uri, query_string);
-
+
try {
// get response data
// Convert a byte array to base64 string
// cert_to_import = new sun.misc.BASE64Encoder().encode(
- // hr.getResponseData());
+ // hr.getResponseData());
cert_to_import = OSUtil.BtoA(hr.getResponseData());
// Convert base64 string to a byte array
@@ -1147,8 +1065,8 @@ public class ConfigureCA {
}
System.out.println("Cert to Import =" + cert_to_import);
- ComCrypto cCrypt = new ComCrypto(client_certdb_dir,
- client_certdb_pwd, null, null, null);
+ ComCrypto cCrypt = new ComCrypto(client_certdb_dir, client_certdb_pwd,
+ null, null, null);
cCrypt.setDebug(true);
cCrypt.setGenerateRequest(true);
@@ -1159,16 +1077,15 @@ public class ConfigureCA {
st = cCrypt.importCert(start + cert_to_import + end, agent_name);
if (!st) {
- System.out
- .println("ERROR: AdminCertImportPanel() during cert import");
+ System.out.println(
+ "ERROR: AdminCertImportPanel() during cert import");
return false;
}
System.out.println("SUCCESS: imported admin user cert");
return true;
} catch (Exception e) {
- System.out.println("Exception in AdminCertImportPanel(): "
- + e.toString());
+ System.out.println("Exception in AdminCertImportPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -1181,19 +1098,19 @@ public class ConfigureCA {
ByteArrayInputStream bais = null;
ParseXML px = new ParseXML();
- String query_string = "p=17" + "&op=next" + "&xml=true"
- + "&caHost=" + URLEncoder.encode("/") + "&caPort="
- + URLEncoder.encode("/") + "";
+ String query_string = "p=17" + "&op=next" + "&xml=true" + "&caHost="
+ + URLEncoder.encode("/") + "&caPort=" + URLEncoder.encode("/")
+ + "";
hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
- if (!checkStatus(hr, "updateStatus", SUCCESS, "UpdateDomainPanel()")) {
+ if (! checkStatus(hr, "updateStatus", SUCCESS, "UpdateDomainPanel()")) {
return false;
}
// parse xml
bais = new ByteArrayInputStream(hr.getHTML().getBytes());
px.parse(bais);
-
+
String caHost = px.getvalue("host");
String caPort = px.getvalue("port");
String systemType = px.getvalue("systemType");
@@ -1201,11 +1118,10 @@ public class ConfigureCA {
System.out.println("caHost=" + caHost);
System.out.println("caPort=" + caPort);
System.out.println("systemType=" + systemType);
-
+
return true;
} catch (Exception e) {
- System.out.println("Exception in UpdateDomainPanel(): "
- + e.toString());
+ System.out.println("Exception in UpdateDomainPanel(): " + e.toString());
e.printStackTrace();
return false;
}
@@ -1242,8 +1158,7 @@ public class ConfigureCA {
boolean disp_token = TokenChoicePanel();
if (!disp_token) {
- System.out
- .println("ERROR: ConfigureCA: TokenChoicePanel() failure");
+ System.out.println("ERROR: ConfigureCA: TokenChoicePanel() failure");
return false;
}
@@ -1258,16 +1173,15 @@ public class ConfigureCA {
// 4. display cert chain panel and security domain login
if (clone) {
boolean disp_st = DisplayCertChainPanel();
- if (!disp_st) {
- System.out
- .println("ERROR: ConfigureCA: DisplayCertChainPanel() failure");
+ if(!disp_st) {
+ System.out.println("ERROR: ConfigureCA: DisplayCertChainPanel() failure");
return false;
}
boolean sd_st = SecurityDomainLoginPanel();
- if (!sd_st) {
- System.out
- .println("ERROR: ConfigureSubCA: SecurityDomainLoginPanel() failure");
+ if(! sd_st)
+ {
+ System.out.println("ERROR: ConfigureSubCA: SecurityDomainLoginPanel() failure");
return false;
}
@@ -1285,19 +1199,17 @@ public class ConfigureCA {
if (clone) {
boolean restore_st = RestoreKeyCertPanel();
if (!restore_st) {
- System.out
- .println("ERROR: ConfigureCA: RestoreKeyCertPanel() failure");
+ System.out.println("ERROR: ConfigureCA: RestoreKeyCertPanel() failure");
return false;
}
}
// 7. hierarchy panel
- if (!clone) {
+ if (! clone) {
boolean disp_h = HierarchyPanel();
if (!disp_h) {
- System.out
- .println("ERROR: ConfigureCA: HierarchyPanel() failure");
+ System.out.println("ERROR: ConfigureCA: HierarchyPanel() failure");
return false;
}
}
@@ -1306,8 +1218,8 @@ public class ConfigureCA {
boolean disp_ldap = LdapConnectionPanel();
if (!disp_ldap) {
- System.out
- .println("ERROR: ConfigureCA: LdapConnectionPanel() failure");
+ System.out.println(
+ "ERROR: ConfigureCA: LdapConnectionPanel() failure");
return false;
}
@@ -1323,8 +1235,7 @@ public class ConfigureCA {
boolean disp_csubj = CertSubjectPanel();
if (!disp_csubj) {
- System.out
- .println("ERROR: ConfigureCA: CertSubjectPanel() failure");
+ System.out.println("ERROR: ConfigureCA: CertSubjectPanel() failure");
return false;
}
@@ -1337,26 +1248,22 @@ public class ConfigureCA {
disp_cp = CertificatePanelExternal();
if (!disp_cp) {
- System.out
- .println("ERROR: ConfigureCA: CertificatePanelExternal() failure");
+ System.out.println("ERROR: ConfigureCA: CertificatePanelExternal() failure");
return false;
}
- } else {
- // first pass - cacert file not defined
- System.out
- .println("A Certificate Request has been generated and stored in "
- + ext_csr_file);
- System.out
- .println("Please submit this CSR to your external CA and obtain the CA Cert and CA Cert Chain");
- return true;
+ }
+ else {
+ // first pass - cacert file not defined
+ System.out.println("A Certificate Request has been generated and stored in " + ext_csr_file);
+ System.out.println("Please submit this CSR to your external CA and obtain the CA Cert and CA Cert Chain");
+ return true;
}
}
disp_cp = CertificatePanel();
if (!disp_cp) {
- System.out
- .println("ERROR: ConfigureCA: CertificatePanel() failure");
+ System.out.println("ERROR: ConfigureCA: CertificatePanel() failure");
return false;
}
@@ -1372,31 +1279,30 @@ public class ConfigureCA {
boolean disp_back_cont = BackupContinuePanel();
if (!disp_back_cont) {
- System.out
- .println("ERROR: ConfigureCA: BackupContinuePanel() failure");
+ System.out.println("ERROR: ConfigureCA: BackupContinuePanel() failure");
return false;
}
+
// 15. Import CA Cert panel
boolean disp_import_cacert = ImportCACertPanel();
if (!disp_import_cacert) {
- System.out
- .println("ERROR: ConfigureCA: ImportCACertPanel() failure");
+ System.out.println("ERROR: ConfigureCA: ImportCACertPanel() failure");
return false;
}
-
- if (clone) {
+
+ if (clone) {
// no other panels required for clone
return true;
}
+
// 16. Admin Cert Req Panel
boolean disp_adm = AdminCertReqPanel();
if (!disp_adm) {
- System.out
- .println("ERROR: ConfigureCA: AdminCertReqPanel() failure");
+ System.out.println("ERROR: ConfigureCA: AdminCertReqPanel() failure");
return false;
}
@@ -1404,8 +1310,8 @@ public class ConfigureCA {
boolean disp_im = AdminCertImportPanel();
if (!disp_im) {
- System.out
- .println("ERROR: ConfigureCA: AdminCertImportPanel() failure");
+ System.out.println(
+ "ERROR: ConfigureCA: AdminCertImportPanel() failure");
return false;
}
@@ -1413,8 +1319,7 @@ public class ConfigureCA {
boolean disp_ud = UpdateDomainPanel();
if (!disp_ud) {
- System.out
- .println("ERROR: ConfigureCA: UpdateDomainPanel() failure");
+ System.out.println("ERROR: ConfigureCA: UpdateDomainPanel() failure");
return false;
}
@@ -1445,7 +1350,7 @@ public class ConfigureCA {
StringHolder x_admin_email = new StringHolder();
StringHolder x_admin_password = new StringHolder();
- // ldap
+ // ldap
StringHolder x_ldap_host = new StringHolder();
StringHolder x_ldap_port = new StringHolder();
StringHolder x_bind_dn = new StringHolder();
@@ -1474,7 +1379,7 @@ public class ConfigureCA {
StringHolder x_ocsp_signing_key_type = new StringHolder();
StringHolder x_ocsp_signing_key_curvename = new StringHolder();
StringHolder x_ocsp_signing_signingalgorithm = new StringHolder();
-
+
// key properties (custom - audit_signing)
StringHolder x_audit_signing_key_size = new StringHolder();
StringHolder x_audit_signing_key_type = new StringHolder();
@@ -1516,17 +1421,17 @@ public class ConfigureCA {
// external CA cert
StringHolder x_external_ca = new StringHolder();
- StringHolder x_ext_ca_cert_file = new StringHolder();
- StringHolder x_ext_ca_cert_chain_file = new StringHolder();
- StringHolder x_ext_csr_file = new StringHolder();
+ StringHolder x_ext_ca_cert_file = new StringHolder();
+ StringHolder x_ext_ca_cert_chain_file = new StringHolder();
+ StringHolder x_ext_csr_file = new StringHolder();
- // clone parameters
+ //clone parameters
StringHolder x_clone = new StringHolder();
StringHolder x_clone_uri = new StringHolder();
StringHolder x_clone_p12_file = new StringHolder();
StringHolder x_clone_p12_passwd = new StringHolder();
- // security domain
+ //security domain
StringHolder x_sd_hostname = new StringHolder();
StringHolder x_sd_ssl_port = new StringHolder();
StringHolder x_sd_agent_port = new StringHolder();
@@ -1534,204 +1439,124 @@ public class ConfigureCA {
StringHolder x_sd_admin_name = new StringHolder();
StringHolder x_sd_admin_password = new StringHolder();
+
// parse the args
ArgParser parser = new ArgParser("ConfigureCA");
- parser.addOption("-cs_hostname %s #CS Hostname", x_cs_hostname);
- parser.addOption("-cs_port %s #CS SSL Admin port", x_cs_port);
+ parser.addOption("-cs_hostname %s #CS Hostname", x_cs_hostname);
+ parser.addOption("-cs_port %s #CS SSL Admin port", x_cs_port);
parser.addOption("-client_certdb_dir %s #Client CertDB dir",
- x_client_certdb_dir);
+ x_client_certdb_dir);
parser.addOption("-client_certdb_pwd %s #client certdb password",
- x_client_certdb_pwd);
- parser.addOption("-preop_pin %s #pre op pin", x_preop_pin);
- parser.addOption("-domain_name %s #domain name", x_domain_name);
- parser.addOption("-admin_user %s #Admin User Name", x_admin_user);
- parser.addOption("-admin_email %s #Admin email", x_admin_email);
- parser.addOption("-admin_password %s #Admin password", x_admin_password);
- parser.addOption("-agent_name %s #Agent Cert Nickname", x_agent_name);
+ x_client_certdb_pwd);
+ parser.addOption("-preop_pin %s #pre op pin", x_preop_pin);
+ parser.addOption("-domain_name %s #domain name", x_domain_name);
+ parser.addOption("-admin_user %s #Admin User Name", x_admin_user);
+ parser.addOption("-admin_email %s #Admin email", x_admin_email);
+ parser.addOption("-admin_password %s #Admin password", x_admin_password);
+ parser.addOption("-agent_name %s #Agent Cert Nickname", x_agent_name);
parser.addOption("-agent_key_size %s #Agent Cert Key size",
- x_agent_key_size);
+ x_agent_key_size);
parser.addOption("-agent_key_type %s #Agent Cert Key type [rsa]",
- x_agent_key_type);
+ x_agent_key_type);
parser.addOption("-agent_cert_subject %s #Agent Certificate Subject",
- x_agent_cert_subject);
+ x_agent_cert_subject);
- parser.addOption("-ldap_host %s #ldap host", x_ldap_host);
- parser.addOption("-ldap_port %s #ldap port", x_ldap_port);
- parser.addOption("-bind_dn %s #ldap bind dn", x_bind_dn);
+ parser.addOption("-ldap_host %s #ldap host", x_ldap_host);
+ parser.addOption("-ldap_port %s #ldap port", x_ldap_port);
+ parser.addOption("-bind_dn %s #ldap bind dn", x_bind_dn);
parser.addOption("-bind_password %s #ldap bind password",
- x_bind_password);
- parser.addOption("-base_dn %s #base dn", x_base_dn);
- parser.addOption("-db_name %s #db name", x_db_name);
- parser.addOption(
- "-secure_conn %s #use ldaps port (optional, default is false)",
- x_secure_conn);
- parser.addOption(
- "-remove_data %s #remove existing data under base_dn (optional, default is false) ",
- x_remove_data);
- parser.addOption(
- "-clone_start_tls %s #use startTLS for cloning replication agreement (optional, default is false)",
- x_clone_start_tls);
+ x_bind_password);
+ parser.addOption("-base_dn %s #base dn", x_base_dn);
+ parser.addOption("-db_name %s #db name", x_db_name);
+ parser.addOption("-secure_conn %s #use ldaps port (optional, default is false)", x_secure_conn);
+ parser.addOption("-remove_data %s #remove existing data under base_dn (optional, default is false) ", x_remove_data);
+ parser.addOption("-clone_start_tls %s #use startTLS for cloning replication agreement (optional, default is false)", x_clone_start_tls);
// key and algorithm options (default)
- parser.addOption(
- "-key_type %s #Key type [RSA,ECC] (optional, default is RSA)",
- x_key_type);
- parser.addOption(
- "-key_size %s #Key Size (optional, for RSA default is 2048)",
- x_key_size);
- parser.addOption(
- "-key_curvename %s #Key Curve Name (optional, for ECC default is nistp256)",
- x_key_curvename);
- parser.addOption(
- "-key_algorithm %s #Key algorithm of the CA certificate (optional, default is SHA256withRSA for RSA and SHA256withEC for ECC)",
- x_key_algorithm);
- parser.addOption(
- "-signing_algorithm %s #Signing algorithm (optional, default is key_algorithm)",
- x_signing_algorithm);
+ parser.addOption("-key_type %s #Key type [RSA,ECC] (optional, default is RSA)", x_key_type);
+ parser.addOption("-key_size %s #Key Size (optional, for RSA default is 2048)", x_key_size);
+ parser.addOption("-key_curvename %s #Key Curve Name (optional, for ECC default is nistp256)", x_key_curvename);
+ parser.addOption("-key_algorithm %s #Key algorithm of the CA certificate (optional, default is SHA256withRSA for RSA and SHA256withEC for ECC)", x_key_algorithm);
+ parser.addOption("-signing_algorithm %s #Signing algorithm (optional, default is key_algorithm)", x_signing_algorithm);
// key and algorithm options for signing certificate (overrides default)
- parser.addOption(
- "-signing_key_type %s #Key type [RSA,ECC] (optional, default is key_type)",
- x_signing_key_type);
- parser.addOption(
- "-signing_key_size %s #Key Size (optional, for RSA default is key_size)",
- x_signing_key_size);
- parser.addOption(
- "-signing_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)",
- x_signing_key_curvename);
- parser.addOption(
- "-signing_signingalgorithm %s #Algorithm used be CA cert to sign objects (optional, default is signing_algorithm)",
- x_signing_signingalgorithm);
-
- // key and algorithm options for ocsp_signing certificate (overrides
- // default)
- parser.addOption(
- "-ocsp_signing_key_type %s #Key type [RSA,ECC] (optional, default is key_type)",
- x_ocsp_signing_key_type);
- parser.addOption(
- "-ocsp_signing_key_size %s #Key Size (optional, for RSA default is key_size)",
- x_ocsp_signing_key_size);
- parser.addOption(
- "-ocsp_signing_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)",
- x_ocsp_signing_key_curvename);
- parser.addOption(
- "-ocsp_signing_signingalgorithm %s #Algorithm used by the OCSP signing cert to sign objects (optional, default is signing_algorithm)",
- x_ocsp_signing_signingalgorithm);
-
- // key and algorithm options for audit_signing certificate (overrides
- // default)
- parser.addOption(
- "-audit_signing_key_type %s #Key type [RSA,ECC] (optional, default is key_type)",
- x_audit_signing_key_type);
- parser.addOption(
- "-audit_signing_key_size %s #Key Size (optional, for RSA default is key_size)",
- x_audit_signing_key_size);
- parser.addOption(
- "-audit_signing_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)",
- x_audit_signing_key_curvename);
-
- // key and algorithm options for subsystem certificate (overrides
- // default)
- parser.addOption(
- "-subsystem_key_type %s #Key type [RSA,ECC] (optional, default is key_type)",
- x_subsystem_key_type);
- parser.addOption(
- "-subsystem_key_size %s #Key Size (optional, for RSA default is key_size)",
- x_subsystem_key_size);
- parser.addOption(
- "-subsystem_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)",
- x_subsystem_key_curvename);
-
- // key and algorithm options for sslserver certificate (overrides
- // default)
- parser.addOption(
- "-sslserver_key_type %s #Key type [RSA,ECC] (optional, default is key_type)",
- x_sslserver_key_type);
- parser.addOption(
- "-sslserver_key_size %s #Key Size (optional, for RSA default is key_size)",
- x_sslserver_key_size);
- parser.addOption(
- "-sslserver_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)",
- x_sslserver_key_curvename);
-
- parser.addOption("-token_name %s #HSM/Software Token name",
- x_token_name);
- parser.addOption(
- "-token_pwd %s #HSM/Software Token password (optional - only required for HSM)",
- x_token_pwd);
+ parser.addOption("-signing_key_type %s #Key type [RSA,ECC] (optional, default is key_type)", x_signing_key_type);
+ parser.addOption("-signing_key_size %s #Key Size (optional, for RSA default is key_size)", x_signing_key_size);
+ parser.addOption("-signing_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)", x_signing_key_curvename);
+ parser.addOption("-signing_signingalgorithm %s #Algorithm used be CA cert to sign objects (optional, default is signing_algorithm)", x_signing_signingalgorithm);
+
+ // key and algorithm options for ocsp_signing certificate (overrides default)
+ parser.addOption("-ocsp_signing_key_type %s #Key type [RSA,ECC] (optional, default is key_type)", x_ocsp_signing_key_type);
+ parser.addOption("-ocsp_signing_key_size %s #Key Size (optional, for RSA default is key_size)", x_ocsp_signing_key_size);
+ parser.addOption("-ocsp_signing_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)", x_ocsp_signing_key_curvename);
+ parser.addOption("-ocsp_signing_signingalgorithm %s #Algorithm used by the OCSP signing cert to sign objects (optional, default is signing_algorithm)", x_ocsp_signing_signingalgorithm);
+
+ // key and algorithm options for audit_signing certificate (overrides default)
+ parser.addOption("-audit_signing_key_type %s #Key type [RSA,ECC] (optional, default is key_type)", x_audit_signing_key_type);
+ parser.addOption("-audit_signing_key_size %s #Key Size (optional, for RSA default is key_size)", x_audit_signing_key_size);
+ parser.addOption("-audit_signing_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)", x_audit_signing_key_curvename);
+
+ // key and algorithm options for subsystem certificate (overrides default)
+ parser.addOption("-subsystem_key_type %s #Key type [RSA,ECC] (optional, default is key_type)", x_subsystem_key_type);
+ parser.addOption("-subsystem_key_size %s #Key Size (optional, for RSA default is key_size)", x_subsystem_key_size);
+ parser.addOption("-subsystem_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)", x_subsystem_key_curvename);
+
+ // key and algorithm options for sslserver certificate (overrides default)
+ parser.addOption("-sslserver_key_type %s #Key type [RSA,ECC] (optional, default is key_type)", x_sslserver_key_type);
+ parser.addOption("-sslserver_key_size %s #Key Size (optional, for RSA default is key_size)", x_sslserver_key_size);
+ parser.addOption("-sslserver_key_curvename %s #Key Curve Name (optional, for ECC default is key_curvename)", x_sslserver_key_curvename);
+
+ parser.addOption("-token_name %s #HSM/Software Token name", x_token_name);
+ parser.addOption("-token_pwd %s #HSM/Software Token password (optional - only required for HSM)",
+ x_token_pwd);
parser.addOption("-save_p12 %s #Enable/Disable p12 Export[true,false]",
- x_save_p12);
- parser.addOption(
- "-backup_pwd %s #Backup Password for p12 (optional, only required if -save_p12 = true)",
- x_backup_pwd);
- parser.addOption(
- "-backup_fname %s #Backup File for p12, (optional, default is /root/tmp-ca.p12)",
- x_backup_fname);
+ x_save_p12);
+ parser.addOption("-backup_pwd %s #Backup Password for p12 (optional, only required if -save_p12 = true)", x_backup_pwd);
+ parser.addOption("-backup_fname %s #Backup File for p12, (optional, default is /root/tmp-ca.p12)", x_backup_fname);
parser.addOption("-ca_sign_cert_subject_name %s #CA cert subject name",
x_ca_sign_cert_subject_name);
parser.addOption(
"-ca_subsystem_cert_subject_name %s #CA subsystem cert subject name",
- x_ca_subsystem_cert_subject_name);
+ x_ca_subsystem_cert_subject_name);
parser.addOption(
"-ca_ocsp_cert_subject_name %s #CA ocsp cert subject name",
- x_ca_ocsp_cert_subject_name);
+ x_ca_ocsp_cert_subject_name);
parser.addOption(
"-ca_server_cert_subject_name %s #CA server cert subject name",
- x_ca_server_cert_subject_name);
+ x_ca_server_cert_subject_name);
parser.addOption(
"-ca_audit_signing_cert_subject_name %s #CA audit signing cert subject name",
- x_ca_audit_signing_cert_subject_name);
+ x_ca_audit_signing_cert_subject_name);
parser.addOption("-subsystem_name %s #CA subsystem name",
- x_subsystem_name);
-
- parser.addOption(
- "-external %s #Subordinate to external CA [true,false] (optional, default false)",
- x_external_ca);
- parser.addOption(
- "-ext_ca_cert_file %s #File with CA cert from external CA (optional)",
- x_ext_ca_cert_file);
- parser.addOption(
- "-ext_ca_cert_chain_file %s #File with CA cert from external CA (optional)",
+ x_subsystem_name);
+
+ parser.addOption("-external %s #Subordinate to external CA [true,false] (optional, default false)",
+ x_external_ca);
+ parser.addOption("-ext_ca_cert_file %s #File with CA cert from external CA (optional)",
+ x_ext_ca_cert_file);
+ parser.addOption("-ext_ca_cert_chain_file %s #File with CA cert from external CA (optional)",
x_ext_ca_cert_chain_file);
- parser.addOption(
- "-ext_csr_file %s #File to save the CSR for submission to an external CA (optional)",
+ parser.addOption("-ext_csr_file %s #File to save the CSR for submission to an external CA (optional)",
x_ext_csr_file);
- parser.addOption(
- "-clone %s #Clone of another CA [true, false] (optional, default false)",
- x_clone);
- parser.addOption(
- "-clone_uri %s #URL of Master CA to clone. It must have the form https://<hostname>:<EE port> (optional, required if -clone=true)",
- x_clone_uri);
- parser.addOption(
- "-clone_p12_file %s #File containing pk12 keys of Master CA (optional, required if -clone=true)",
- x_clone_p12_file);
- parser.addOption(
- "-clone_p12_password %s #Password for pk12 file (optional, required if -clone=true)",
- x_clone_p12_passwd);
+ parser.addOption("-clone %s #Clone of another CA [true, false] (optional, default false)", x_clone);
+ parser.addOption("-clone_uri %s #URL of Master CA to clone. It must have the form https://<hostname>:<EE port> (optional, required if -clone=true)", x_clone_uri);
+ parser.addOption("-clone_p12_file %s #File containing pk12 keys of Master CA (optional, required if -clone=true)", x_clone_p12_file);
+ parser.addOption("-clone_p12_password %s #Password for pk12 file (optional, required if -clone=true)", x_clone_p12_passwd);
+
+ parser.addOption ("-sd_hostname %s #Security Domain Hostname (optional, required if -clone=true)", x_sd_hostname);
+ parser.addOption ("-sd_ssl_port %s #Security Domain SSL EE port (optional, required if -clone=true)", x_sd_ssl_port);
+ parser.addOption ("-sd_agent_port %s #Security Domain SSL Agent port (optional, required if -clone=true)", x_sd_agent_port);
+ parser.addOption ("-sd_admin_port %s #Security Domain SSL Admin port (optional, required if -clone=true)", x_sd_admin_port);
+ parser.addOption ("-sd_admin_name %s #Security Domain admin name (optional, required if -clone=true)",
+ x_sd_admin_name);
+ parser.addOption ("-sd_admin_password %s #Security Domain admin password (optional, required if -clone=true)",
+ x_sd_admin_password);
- parser.addOption(
- "-sd_hostname %s #Security Domain Hostname (optional, required if -clone=true)",
- x_sd_hostname);
- parser.addOption(
- "-sd_ssl_port %s #Security Domain SSL EE port (optional, required if -clone=true)",
- x_sd_ssl_port);
- parser.addOption(
- "-sd_agent_port %s #Security Domain SSL Agent port (optional, required if -clone=true)",
- x_sd_agent_port);
- parser.addOption(
- "-sd_admin_port %s #Security Domain SSL Admin port (optional, required if -clone=true)",
- x_sd_admin_port);
- parser.addOption(
- "-sd_admin_name %s #Security Domain admin name (optional, required if -clone=true)",
- x_sd_admin_name);
- parser.addOption(
- "-sd_admin_password %s #Security Domain admin password (optional, required if -clone=true)",
- x_sd_admin_password);
// and then match the arguments
String[] unmatched = null;
@@ -1769,50 +1594,35 @@ public class ConfigureCA {
key_type = set_default(x_key_type.value, DEFAULT_KEY_TYPE);
signing_key_type = set_default(x_signing_key_type.value, key_type);
- ocsp_signing_key_type = set_default(x_ocsp_signing_key_type.value,
- key_type);
- audit_signing_key_type = set_default(x_audit_signing_key_type.value,
- key_type);
+ ocsp_signing_key_type = set_default(x_ocsp_signing_key_type.value, key_type);
+ audit_signing_key_type = set_default(x_audit_signing_key_type.value, key_type);
subsystem_key_type = set_default(x_subsystem_key_type.value, key_type);
sslserver_key_type = set_default(x_sslserver_key_type.value, key_type);
key_size = set_default(x_key_size.value, DEFAULT_KEY_SIZE);
signing_key_size = set_default(x_signing_key_size.value, key_size);
- ocsp_signing_key_size = set_default(x_ocsp_signing_key_size.value,
- key_size);
- audit_signing_key_size = set_default(x_audit_signing_key_size.value,
- key_size);
+ ocsp_signing_key_size = set_default(x_ocsp_signing_key_size.value, key_size);
+ audit_signing_key_size = set_default(x_audit_signing_key_size.value, key_size);
subsystem_key_size = set_default(x_subsystem_key_size.value, key_size);
sslserver_key_size = set_default(x_sslserver_key_size.value, key_size);
- key_curvename = set_default(x_key_curvename.value,
- DEFAULT_KEY_CURVENAME);
- signing_key_curvename = set_default(x_signing_key_curvename.value,
- key_curvename);
- ocsp_signing_key_curvename = set_default(
- x_ocsp_signing_key_curvename.value, key_curvename);
- audit_signing_key_curvename = set_default(
- x_audit_signing_key_curvename.value, key_curvename);
- subsystem_key_curvename = set_default(x_subsystem_key_curvename.value,
- key_curvename);
- sslserver_key_curvename = set_default(x_sslserver_key_curvename.value,
- key_curvename);
+ key_curvename = set_default(x_key_curvename.value, DEFAULT_KEY_CURVENAME);
+ signing_key_curvename = set_default(x_signing_key_curvename.value, key_curvename);
+ ocsp_signing_key_curvename = set_default(x_ocsp_signing_key_curvename.value, key_curvename);
+ audit_signing_key_curvename = set_default(x_audit_signing_key_curvename.value, key_curvename);
+ subsystem_key_curvename = set_default(x_subsystem_key_curvename.value, key_curvename);
+ sslserver_key_curvename = set_default(x_sslserver_key_curvename.value, key_curvename);
if (signing_key_type.equalsIgnoreCase("RSA")) {
- key_algorithm = set_default(x_key_algorithm.value,
- DEFAULT_KEY_ALGORITHM_RSA);
+ key_algorithm = set_default(x_key_algorithm.value, DEFAULT_KEY_ALGORITHM_RSA);
} else {
- key_algorithm = set_default(x_key_algorithm.value,
- DEFAULT_KEY_ALGORITHM_ECC);
+ key_algorithm = set_default(x_key_algorithm.value, DEFAULT_KEY_ALGORITHM_ECC);
}
-
- signing_algorithm = set_default(x_signing_algorithm.value,
- key_algorithm);
- signing_signingalgorithm = set_default(
- x_signing_signingalgorithm.value, signing_algorithm);
- ocsp_signing_signingalgorithm = set_default(
- x_ocsp_signing_signingalgorithm.value, signing_algorithm);
-
+
+ signing_algorithm = set_default(x_signing_algorithm.value, key_algorithm);
+ signing_signingalgorithm = set_default(x_signing_signingalgorithm.value, signing_algorithm);
+ ocsp_signing_signingalgorithm = set_default(x_ocsp_signing_signingalgorithm.value, signing_algorithm);
+
token_name = x_token_name.value;
token_pwd = x_token_pwd.value;
save_p12 = x_save_p12.value;
@@ -1828,9 +1638,9 @@ public class ConfigureCA {
ca_ocsp_cert_subject_name = x_ca_ocsp_cert_subject_name.value;
ca_server_cert_subject_name = x_ca_server_cert_subject_name.value;
ca_audit_signing_cert_subject_name = x_ca_audit_signing_cert_subject_name.value;
-
+
subsystem_name = x_subsystem_name.value;
-
+
external_ca = set_default(x_external_ca.value, "false");
ext_ca_cert_file = x_ext_ca_cert_file.value;
ext_ca_cert_chain_file = x_ext_ca_cert_chain_file.value;
@@ -1853,15 +1663,18 @@ public class ConfigureCA {
sd_admin_password = x_sd_admin_password.value;
boolean st = ca.ConfigureCAInstance();
-
+
if (!st) {
System.out.println("ERROR: unable to create CA");
System.exit(-1);
}
-
+
System.out.println("Certificate System - CA Instance Configured.");
System.exit(0);
-
+
}
-};
+}
+
+
+;
generated by cgit (git 2.34.1) at 2024-06-08 21:27:37 +0000