author | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-12-03 21:21:48 +0000 |
---|---|---|
committer | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-12-03 21:21:48 +0000 |
commit | d6ef121a1728987a6e776922f6683c3dada3c475 (patch) | |
tree | 830c9d7b562ec9e14f8ed65a2941f843a6fec59d /pki | |
parent | 6ed5dadf92189543cfc0a4ff6c3eeb59c0ba061c (diff) | |
Fixes for BZ 510774, 531162, 504030, 493418
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@877 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki')
-rwxr-xr-x | pki/base/silent/scripts/pkisilent | 7 | ||||
-rwxr-xr-x | pki/base/silent/src/argparser/ArgParser.java | 61 | ||||
-rw-r--r-- | pki/base/silent/src/ca/ConfigureCA.java | 38 | ||||
-rw-r--r-- | pki/base/silent/src/common/ComCrypto.java | 115 | ||||
-rw-r--r-- | pki/base/silent/src/drm/ConfigureDRM.java | 27 | ||||
-rw-r--r-- | pki/base/silent/src/ocsp/ConfigureOCSP.java | 29 | ||||
-rw-r--r-- | pki/base/silent/src/subca/ConfigureSubCA.java | 4 | ||||
-rw-r--r-- | pki/base/silent/src/tks/ConfigureTKS.java | 29 | ||||
-rw-r--r-- | pki/base/silent/src/tps/ConfigureTPS.java | 4 |
9 files changed, 157 insertions, 157 deletions
diff --git a/pki/base/silent/scripts/pkisilent b/pki/base/silent/scripts/pkisilent index c7e5980a7..a051c7391 100755 --- a/pki/base/silent/scripts/pkisilent +++ b/pki/base/silent/scripts/pkisilent @@ -166,7 +166,14 @@ $ENV{CLASSPATH} = "/usr/share/java/silent.jar:" ############################################################################### my $output = `java -cp $ENV{CLASSPATH} @ARGV`; +my $status = $?; print "#######################################################################\n"; print "$output\n"; print "#######################################################################\n"; + +if ($status != 0) { + exit(255); +} else { + exit(0); +} diff --git a/pki/base/silent/src/argparser/ArgParser.java b/pki/base/silent/src/argparser/ArgParser.java index cd1b777de..46251787f 100755 --- a/pki/base/silent/src/argparser/ArgParser.java +++ b/pki/base/silent/src/argparser/ArgParser.java @@ -676,6 +676,7 @@ public class ArgParser int type; int numValues; boolean vectorResult = false; + boolean required = true; String helpMsg = null; String valueDesc = null; 
@@ -1682,28 +1683,35 @@ public class ArgParser // skip white space following conversion information scanner.skipWhiteSpace(); - // get the help message, if any + // get the help message, if any + + if (!scanner.atEnd()) + { if (scanner.getc() != '#') + { throw new IllegalArgumentException + ("Illegal character(s), expecting '#'"); + } + String helpInfo = scanner.substring (scanner.getIndex()); + // look for second '#'. If there is one, then info + // between the first and second '#' is the value descriptor. + int k = helpInfo.indexOf ("#"); + if (k != -1) + { rec.valueDesc = helpInfo.substring (0, k); + rec.helpMsg = helpInfo.substring (k+1); + } + else + { rec.helpMsg = helpInfo; + } + } + else + { rec.helpMsg = ""; + } + + // parse helpMsg for required/optional information if present + // default to required + if (rec.helpMsg.indexOf("(optional") != -1) { + rec.required = false; + } - if (!scanner.atEnd()) - { if (scanner.getc() != '#') - { throw new IllegalArgumentException - ("Illegal character(s), expecting '#'"); - } - String helpInfo = scanner.substring (scanner.getIndex()); - // look for second '#'. If there is one, then info - // between the first and second '#' is the value descriptor. - int k = helpInfo.indexOf ("#"); - if (k != -1) - { rec.valueDesc = helpInfo.substring (0, k); - rec.helpMsg = helpInfo.substring (k+1); - } - else - { rec.helpMsg = helpInfo; - } - } - else - { rec.helpMsg = ""; - } // add option information to match list if (rec.convertCode == 'h' && firstHelpOption == defaultHelpOption) { matchList.remove (defaultHelpOption); 
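Review bot: Whether an option is required is decided at `rec.helpMsg.indexOf("(optional")` by searching its help text, so rewording or mistyping a help message (for example `(Optional`) silently changes validation, and every option whose help lacks that exact substring, password options included, becomes mandatory. Consider carrying the flag explicitly, for instance through an `addOption` overload that takes a `boolean required`, and keep the help text purely descriptive. If the substring approach stays, document the convention where it is applied, e.g. `// convention: a help message containing "(optional" marks the option as not required`. The enclosing method starts and ends outside this hunk.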
@@ -1743,6 +1751,17 @@ public class ArgParser return null; } + public void checkRequiredArgs() { + for (int i=1; i<matchList.size(); i++) { + Record rec = (Record)matchList.get(i); + StringHolder myString = (StringHolder) rec.resHolder; + if (((myString.value == null) || (myString.value.equals(""))) && (rec.required)) { + printErrorAndExit("Required parameter " + rec.nameList.name + " is not specified."); + } + } + } + + Object getResultHolder (String arg) { Record rec = getRecord(arg, null); diff --git a/pki/base/silent/src/ca/ConfigureCA.java b/pki/base/silent/src/ca/ConfigureCA.java index 371078fa0..5780310d2 100644 --- a/pki/base/silent/src/ca/ConfigureCA.java +++ b/pki/base/silent/src/ca/ConfigureCA.java @@ -582,7 +582,7 @@ public class ConfigureCA { + URLEncoder.encode(ca_ocsp_cert_subject_name) + "&signing=" + URLEncoder.encode(ca_sign_cert_subject_name) + "&sslserver=" + URLEncoder.encode(ca_server_cert_subject_name) + "&audit_signing=" - + URLEncoder.encode(ca_audit_signing_cert_name) + "&urls=0" + + URLEncoder.encode(ca_audit_signing_cert_subject_name) + "&urls=0" + ""; } else { query_string = "p=11" + "&op=next" + "&xml=true" + "&sslserver=" 
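Review bot: `checkRequiredArgs()` casts every `rec.resHolder` to `StringHolder` without checking its type, so a registered option with a different or null result holder (the preceding hunk in this file shows the parser handling a help conversion code `'h'`) would end in a `ClassCastException` or `NullPointerException` rather than a usage error. Guard the cast with `if (!(rec.resHolder instanceof StringHolder)) continue;` before reading `myString.value`. The loop starts at index 1, and the reason index 0 is skipped is not visible here; since nearby code removes the default help option from `matchList`, that choice deserves a comment. The new public method also has no Javadoc; one sentence saying that it exits the process on the first missing required option would help callers.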
@@ -1460,13 +1460,13 @@ public class ConfigureCA { parser.addOption("-key_size %s #Key Size", x_key_size); parser.addOption("-key_type %s #Key type [RSA,ECC]", x_key_type); parser.addOption("-token_name %s #HSM/Software Token name", x_token_name); - parser.addOption("-token_pwd %s #HSM/Software Token password", + parser.addOption("-token_pwd %s #HSM/Software Token password (optional - only required for HSM)", x_token_pwd); parser.addOption("-save_p12 %s #Enable/Disable p12 Export[true,false]", x_save_p12); - parser.addOption("-backup_pwd %s #Backup Password for p12", x_backup_pwd); - parser.addOption("-backup_fname %s #Backup File for p12, default is /root/tmp-ca.p12", x_backup_fname); + parser.addOption("-backup_pwd %s #Backup Password for p12 (optional, only required if -save_p12 = true)", x_backup_pwd); + parser.addOption("-backup_fname %s #Backup File for p12, (optional, default is /root/tmp-ca.p12)", x_backup_fname); parser.addOption("-ca_sign_cert_subject_name %s #CA cert subject name", x_ca_sign_cert_subject_name); 
@@ -1486,27 +1486,27 @@ public class ConfigureCA { parser.addOption("-subsystem_name %s #CA subsystem name", x_subsystem_name); - parser.addOption("-external %s #Subordinate to external CA [true,false]", + parser.addOption("-external %s #Subordinate to external CA [true,false] (optional, default false)", x_external_ca); - parser.addOption("-ext_ca_cert_file %s #File with CA cert from external CA", + parser.addOption("-ext_ca_cert_file %s #File with CA cert from external CA (optional)", x_ext_ca_cert_file); - parser.addOption("-ext_ca_cert_chain_file %s #File with CA cert from external CA", + parser.addOption("-ext_ca_cert_chain_file %s #File with CA cert from external CA (optional)", x_ext_ca_cert_chain_file); - parser.addOption("-ext_csr_file %s #File to save the CSR for submission to an external CA", + parser.addOption("-ext_csr_file %s #File to save the CSR for submission to an external CA (optional)", x_ext_csr_file); - parser.addOption("-clone %s #Clone of another CA [true, false]", x_clone); - parser.addOption("-clone_uri %s #URL of Master CA to clone", x_clone_uri); - parser.addOption("-clone_p12_file %s #File containing pk12 keys of Master CA", x_clone_p12_file); - parser.addOption("-clone_p12_password %s #Password for pk12 file", x_clone_p12_passwd); + parser.addOption("-clone %s #Clone of another CA [true, false] (optional, default false)", x_clone); + parser.addOption("-clone_uri %s #URL of Master CA to clone (optional)", x_clone_uri); + parser.addOption("-clone_p12_file %s #File containing pk12 keys of Master CA (optional, required if -clone=true)", x_clone_p12_file); + parser.addOption("-clone_p12_password %s #Password for pk12 file (optional, required if -clone=true)", x_clone_p12_passwd); - parser.addOption ("-sd_hostname %s #Security Domain Hostname", x_sd_hostname); - parser.addOption ("-sd_ssl_port %s #Security Domain SSL EE port", x_sd_ssl_port); - parser.addOption ("-sd_agent_port %s #Security Domain SSL Agent port", x_sd_agent_port); - 
parser.addOption ("-sd_admin_port %s #Security Domain SSL Admin port", x_sd_admin_port); - parser.addOption ("-sd_admin_name %s #Security Domain admin name", + parser.addOption ("-sd_hostname %s #Security Domain Hostname (optional, required if -clone=true)", x_sd_hostname); + parser.addOption ("-sd_ssl_port %s #Security Domain SSL EE port (optional, required if -clone=true)", x_sd_ssl_port); + parser.addOption ("-sd_agent_port %s #Security Domain SSL Agent port (optional, required if -clone=true)", x_sd_agent_port); + parser.addOption ("-sd_admin_port %s #Security Domain SSL Admin port (optional, required if -clone=true)", x_sd_admin_port); + parser.addOption ("-sd_admin_name %s #Security Domain admin name (optional, required if -clone=true)", x_sd_admin_name); - parser.addOption ("-sd_admin_password %s #Security Domain admin password", + parser.addOption ("-sd_admin_password %s #Security Domain admin password (optional, required if -clone=true)", x_sd_admin_password); @@ -1520,6 +1520,8 @@ public class ConfigureCA { System.exit(-1); } + parser.checkRequiredArgs(); + // set variables cs_hostname = x_cs_hostname.value; cs_port = x_cs_port.value; diff --git a/pki/base/silent/src/common/ComCrypto.java b/pki/base/silent/src/common/ComCrypto.java index 897c13c45..229a64bf9 100644 --- a/pki/base/silent/src/common/ComCrypto.java +++ b/pki/base/silent/src/common/ComCrypto.java @@ -85,14 +85,6 @@ public class ComCrypto { private CryptoStore store; private Password pass1 = null, pass2 = null; - public String C = null; - public String OU = null; - public String O = null; - public String CN = null; - public String UID = null; - public String L = null; - public String E = null; - private String bstr = "-----BEGIN NEW CERTIFICATE REQUEST-----"; private String blob, Blob1 = null; private String Blob2 = null; 
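Review bot: The added `parser.checkRequiredArgs()` call enforces only unconditional requirements, while several options in this file are documented as conditionally required (`-backup_pwd` when `-save_p12 = true`, `-clone_p12_password` and the `-sd_*` options when `-clone=true`) and are therefore accepted when missing. Nothing in this hunk rejects `-save_p12 true` without `-backup_pwd`; whether the later PKCS #12 export copes with a null password is outside the visible lines. A cross-field check right after the call would close the gap, e.g. `if ("true".equalsIgnoreCase(x_save_p12.value) && (x_backup_pwd.value == null || x_backup_pwd.value.equals(""))) { /* report and System.exit(-1) */ }`. The enclosing method continues outside the hunk.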
@@ -500,57 +492,6 @@ public class ComCrypto { return false; } - public boolean getNames() throws Exception { - - X500Name name = new X500Name(certnickname); - - try { - C = name.getCountry(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - } - try { - O = name.getOrganization(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - } - try { - OU = name.getOrganizationalUnit(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - } - try { - CN = name.getCommonName(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - } - try { - UID = name.getCommonName(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - } - try { - L = name.getLocality(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - } - try { - E = name.getEmail(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - - } - - return true; - } - public String generateCRMFrequest() { URL url = null; URLConnection conn = null; 
@@ -616,33 +557,13 @@ public class ComCrypto { certTemplate.setVersion(new INTEGER(2)); - // Call getname to split certnickname aka cert subject name - try { - getNames(); - } catch (Exception e) { - System.out.println("Exception: "); - e.getMessage(); - } - - Name n = new Name(); - - if (CN != null) { - n.addCommonName(CN); - } - if (C != null) { - n.addCountryName(C); - } - if (L != null) { - n.addLocalityName(L); - } - if (OU != null) { - n.addOrganizationalUnitName(OU); - } - if (O != null) { - n.addOrganizationName(O); + if (certnickname != null) { + X500Name name = new X500Name(certnickname); + ByteArrayInputStream cs = new ByteArrayInputStream(name.getEncoded()); + Name n = (Name) Name.getTemplate().decode(cs); + certTemplate.setSubject(n); } - certTemplate.setSubject(n); certTemplate.setPublicKey(new SubjectPublicKeyInfo(pair.getPublic())); SEQUENCE seq = new SEQUENCE(); @@ -783,28 +704,12 @@ public class ComCrypto { certTemplate.setVersion(new INTEGER(2)); - // Call getname to split certnickname aka cert subject name - getNames(); - - Name n = new Name(); - - if (CN != null) { - n.addCommonName(CN); + if (certnickname != null) { + X500Name name = new X500Name(certnickname); + ByteArrayInputStream cs = new ByteArrayInputStream(name.getEncoded()); + Name n = (Name) Name.getTemplate().decode(cs); + certTemplate.setSubject(n); } - if (C != null) { - n.addCountryName(C); - } - if (L != null) { - n.addLocalityName(L); - } - if (OU != null) { - n.addOrganizationalUnitName(OU); - } - if (O != null) { - n.addOrganizationName(O); - } - - certTemplate.setSubject(n); certTemplate.setPublicKey(new SubjectPublicKeyInfo(pair.getPublic())); diff --git a/pki/base/silent/src/drm/ConfigureDRM.java b/pki/base/silent/src/drm/ConfigureDRM.java index 8e1725248..7c82aeb47 100644 --- a/pki/base/silent/src/drm/ConfigureDRM.java +++ b/pki/base/silent/src/drm/ConfigureDRM.java 
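Review bot: When `certnickname` is null the new block skips `certTemplate.setSubject(n)` entirely, so the CRMF request is built without a subject and nothing is reported; the removed code at least set an empty `Name`. Failing early is safer for a certificate request, e.g. `if (certnickname == null) throw new IllegalArgumentException("certificate subject name is not set");` before the template is filled in. The same block is repeated in the hunk at `@@ -783,28 +704,12 @@`, so a private helper that returns the decoded `Name` would keep both request builders in step. The `X500Name` constructor, `getEncoded()` and `decode(...)` can presumably throw, and the first site no longer has the local try/catch that wrapped the old `getNames()` call, so how those failures surface depends on code outside the hunk.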
@@ -131,6 +131,7 @@ public class ConfigureDRM public static String drm_audit_signing_cert_cert = null; public static String backup_pwd = null; + public static String backup_fname = null; // cert subject names public static String drm_transport_cert_subject_name = null; @@ -641,15 +642,24 @@ public class ConfigureDRM try { - FileOutputStream fos = new FileOutputStream("/tmp/tmp-kra.p12"); + FileOutputStream fos = new FileOutputStream(backup_fname); fos.write(hr.getResponseData()); fos.close(); + // set file to permissions 600 + String rtParams[] = { "chmod","600", backup_fname}; + Process proc = Runtime.getRuntime().exec(rtParams); + + BufferedReader br = new BufferedReader(new InputStreamReader(proc.getErrorStream())); + String line = null; + while ( (line = br.readLine()) != null) + System.out.println("Error: " + line); + int exitVal = proc.waitFor(); // verify p12 file // Decode the P12 file - FileInputStream fis = new FileInputStream("/tmp/tmp-kra.p12"); + FileInputStream fis = new FileInputStream(backup_fname); PFX.Template pfxt = new PFX.Template(); PFX pfx = (PFX) pfxt.decode(new BufferedInputStream(fis, 2048)); System.out.println("Decoded PFX"); @@ -1000,6 +1010,7 @@ public class ConfigureDRM StringHolder x_agent_name = new StringHolder(); StringHolder x_backup_pwd = new StringHolder(); + StringHolder x_backup_fname = new StringHolder(); // drm cert subject name params StringHolder x_drm_subsystem_cert_subject_name = new StringHolder(); @@ -1075,7 +1086,7 @@ public class ConfigureDRM x_key_type); parser.addOption ("-token_name %s #HSM/Software Token name", x_token_name); - parser.addOption ("-token_pwd %s #HSM/Software Token password", + parser.addOption ("-token_pwd %s #HSM/Software Token password (optional, required for HSM)", x_token_pwd); parser.addOption ("-agent_key_size %s #Agent Cert Key Size", 
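Review bot: In the `@@ -641,15 +642,24 @@` hunk the PKCS #12 backup is written in full before `chmod 600` runs, so the key material is on disk with the umask-default mode (or the previous mode of an existing file at the caller-supplied `backup_fname`) until the external command finishes. `exitVal` is never checked, so a failed `chmod` goes unnoticed, and `fos` is not closed if `write` throws. Restrict the file before any bytes are written and treat failure as fatal; the fence below does this with `java.io.File`, assuming Java 6 or later is available to this build. The same block appears in ConfigureOCSP (`@@ -608,15 +609,24 @@`) and ConfigureTKS (`@@ -582,15 +583,24 @@`). The enclosing method and its `try` begin and end outside the hunk.

```java
try {
    // create (or reuse) the file and restrict it to the owner before any key material is written
    File p12 = new File(backup_fname);
    p12.createNewFile();
    boolean restricted = p12.setReadable(false, false) && p12.setWritable(false, false)
            && p12.setExecutable(false, false)
            && p12.setReadable(true, true) && p12.setWritable(true, true);
    if (!restricted) {
        throw new IOException("Cannot restrict permissions on " + backup_fname);
    }
    FileOutputStream fos = new FileOutputStream(p12);
    try {
        fos.write(hr.getResponseData());
    } finally {
        fos.close();
    }

    // ... unchanged: verify p12 file, decode the PFX from backup_fname ...
```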
@@ -1088,6 +1099,9 @@ public class ConfigureDRM parser.addOption ("-backup_pwd %s #PKCS12 password", x_backup_pwd); + parser.addOption("-backup_fname %s #Backup File for p12, (optional, default /root/tmp-kra.p12)", + x_backup_fname); + parser.addOption ( "-drm_transport_cert_subject_name %s #DRM transport cert subject name", x_drm_transport_cert_subject_name); @@ -1119,6 +1133,8 @@ public class ConfigureDRM System.exit(-1); } + parser.checkRequiredArgs(); + // set variables cs_hostname = x_cs_hostname.value; cs_port = x_cs_port.value; @@ -1161,6 +1177,11 @@ public class ConfigureDRM agent_cert_subject = x_agent_cert_subject.value; backup_pwd = x_backup_pwd.value; + if ((x_backup_fname.value == null) || (x_backup_fname.equals(""))) { + backup_fname = "/root/tmp-kra.p12"; + } else { + backup_fname = x_backup_fname.value; + } drm_transport_cert_subject_name = x_drm_transport_cert_subject_name.value ; diff --git a/pki/base/silent/src/ocsp/ConfigureOCSP.java b/pki/base/silent/src/ocsp/ConfigureOCSP.java index fa5707e97..707d66995 100644 --- a/pki/base/silent/src/ocsp/ConfigureOCSP.java +++ b/pki/base/silent/src/ocsp/ConfigureOCSP.java @@ -127,6 +127,7 @@ public class ConfigureOCSP public static String backup_pwd = null; + public static String backup_fname = null; // cert subject names public static String ocsp_sign_cert_subject_name = null; @@ -481,7 +482,7 @@ public class ConfigureOCSP "&sslserver=" + URLEncoder.encode(ocsp_server_cert_subject_name) + "&audit_signing=" + - URLEncoder.encode(ocsp_audit_signing_cert_name) + + URLEncoder.encode(ocsp_audit_signing_cert_subject_name) + "&urls=" + URLEncoder.encode(domain_url) + ""; 
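Review bot: In the `@@ -1161,6 +1177,11 @@` hunk the empty-value test calls `x_backup_fname.equals("")` on the `StringHolder` itself rather than on its `value`, so it is presumably always false and an explicitly empty `-backup_fname` is stored as the output path instead of falling back to `/root/tmp-kra.p12`. The condition should read `if ((x_backup_fname.value == null) || (x_backup_fname.value.equals(""))) {`. The same comparison is repeated in ConfigureOCSP (`@@ -1127,6 +1143,11 @@`) and ConfigureTKS (`@@ -1098,6 +1114,11 @@`). The enclosing method continues outside the hunk.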
@@ -608,15 +609,24 @@ public class ConfigureOCSP try { - FileOutputStream fos = new FileOutputStream("/tmp/tmp-ocsp.p12"); + FileOutputStream fos = new FileOutputStream(backup_fname); fos.write(hr.getResponseData()); fos.close(); + // set file to permissions 600 + String rtParams[] = { "chmod","600", backup_fname}; + Process proc = Runtime.getRuntime().exec(rtParams); + + BufferedReader br = new BufferedReader(new InputStreamReader(proc.getErrorStream())); + String line = null; + while ( (line = br.readLine()) != null) + System.out.println("Error: " + line); + int exitVal = proc.waitFor(); // verify p12 file // Decode the P12 file - FileInputStream fis = new FileInputStream("/tmp/tmp-ocsp.p12"); + FileInputStream fis = new FileInputStream(backup_fname); PFX.Template pfxt = new PFX.Template(); PFX pfx = (PFX) pfxt.decode(new BufferedInputStream(fis, 2048)); System.out.println("Decoded PFX"); @@ -970,6 +980,7 @@ public class ConfigureOCSP StringHolder x_agent_name = new StringHolder(); StringHolder x_backup_pwd = new StringHolder(); + StringHolder x_backup_fname = new StringHolder(); // ca cert subject name params StringHolder x_ocsp_sign_cert_subject_name = new StringHolder(); @@ -1044,7 +1055,7 @@ public class ConfigureOCSP x_key_type); parser.addOption ("-token_name %s #HSM/Software Token name", x_token_name); - parser.addOption ("-token_pwd %s #HSM/Software Token password", + parser.addOption ("-token_pwd %s #HSM/Software Token password (optional, required for HSM)", x_token_pwd); parser.addOption ("-agent_key_size %s #Agent Cert Key Size", @@ -1057,6 +1068,9 @@ public class ConfigureOCSP parser.addOption ("-backup_pwd %s #PKCS12 password", x_backup_pwd); + parser.addOption("-backup_fname %s #Backup File for p12, (optional, default /root/tmp-ocsp.p12", + x_backup_fname); + parser.addOption ( "-ocsp_sign_cert_subject_name %s #OCSP cert subject name", x_ocsp_sign_cert_subject_name); 
@@ -1085,6 +1099,8 @@ public class ConfigureOCSP System.exit(-1); } + parser.checkRequiredArgs(); + // set variables cs_hostname = x_cs_hostname.value; cs_port = x_cs_port.value; @@ -1127,6 +1143,11 @@ public class ConfigureOCSP agent_cert_subject = x_agent_cert_subject.value; backup_pwd = x_backup_pwd.value; + if ((x_backup_fname.value == null) || (x_backup_fname.equals(""))) { + backup_fname = "/root/tmp-ocsp.p12"; + } else { + backup_fname = x_backup_fname.value; + } ocsp_sign_cert_subject_name = x_ocsp_sign_cert_subject_name.value ; ocsp_subsystem_cert_subject_name = diff --git a/pki/base/silent/src/subca/ConfigureSubCA.java b/pki/base/silent/src/subca/ConfigureSubCA.java index dda651a00..1ecbce405 100644 --- a/pki/base/silent/src/subca/ConfigureSubCA.java +++ b/pki/base/silent/src/subca/ConfigureSubCA.java @@ -1066,7 +1066,7 @@ public class ConfigureSubCA x_key_type); parser.addOption ("-token_name %s #HSM/Software Token name", x_token_name); - parser.addOption ("-token_pwd %s #HSM/Software Token password", + parser.addOption ("-token_pwd %s #HSM/Software Token password (optional - required for HSM)", x_token_pwd); parser.addOption ("-agent_key_size %s #Agent Cert Key Size", @@ -1108,6 +1108,8 @@ public class ConfigureSubCA System.exit(-1); } + parser.checkRequiredArgs(); + // set variables cs_hostname = x_cs_hostname.value; cs_port = x_cs_port.value; diff --git a/pki/base/silent/src/tks/ConfigureTKS.java b/pki/base/silent/src/tks/ConfigureTKS.java index 7d90a7ac8..5c7389753 100644 --- a/pki/base/silent/src/tks/ConfigureTKS.java +++ b/pki/base/silent/src/tks/ConfigureTKS.java @@ -121,6 +121,7 @@ public class ConfigureTKS public static String tks_audit_signing_cert_cert = null; public static String backup_pwd = null; + public static String backup_fname = null; // names public static String tks_subsystem_cert_subject_name = null; 
@@ -465,7 +466,7 @@ public class ConfigureTKS "&sslserver=" + URLEncoder.encode(tks_server_cert_subject_name) + "&audit_signing=" + - URLEncoder.encode(tks_audit_signing_cert_name) + + URLEncoder.encode(tks_audit_signing_cert_subject_name) + "&urls=" + URLEncoder.encode(domain_url) + ""; @@ -582,15 +583,24 @@ public class ConfigureTKS try { - FileOutputStream fos = new FileOutputStream("/tmp/tmp-tks.p12"); + FileOutputStream fos = new FileOutputStream(backup_fname); fos.write(hr.getResponseData()); fos.close(); + // set file to permissions 600 + String rtParams[] = { "chmod","600", backup_fname}; + Process proc = Runtime.getRuntime().exec(rtParams); + + BufferedReader br = new BufferedReader(new InputStreamReader(proc.getErrorStream())); + String line = null; + while ( (line = br.readLine()) != null) + System.out.println("Error: " + line); + int exitVal = proc.waitFor(); // verify p12 file // Decode the P12 file - FileInputStream fis = new FileInputStream("/tmp/tmp-tks.p12"); + FileInputStream fis = new FileInputStream(backup_fname); PFX.Template pfxt = new PFX.Template(); PFX pfx = (PFX) pfxt.decode(new BufferedInputStream(fis, 2048)); System.out.println("Decoded PFX"); @@ -945,6 +955,7 @@ public class ConfigureTKS StringHolder x_agent_name = new StringHolder(); StringHolder x_backup_pwd = new StringHolder(); + StringHolder x_backup_fname = new StringHolder(); // tks cert subject name params StringHolder x_tks_subsystem_cert_subject_name = new StringHolder(); @@ -1018,7 +1029,7 @@ public class ConfigureTKS x_key_type); parser.addOption ("-token_name %s #HSM/Software Token name", x_token_name); - parser.addOption ("-token_pwd %s #HSM/Software Token password", + parser.addOption ("-token_pwd %s #HSM/Software Token password (optional, required for HSM)", x_token_pwd); parser.addOption ("-agent_key_size %s #Agent Cert Key Size", 
@@ -1031,6 +1042,9 @@ public class ConfigureTKS parser.addOption ("-backup_pwd %s #PKCS12 password", x_backup_pwd); + parser.addOption("-backup_fname %s #Backup File for p12, (optional, default /root/tmp-tks.p12", + x_backup_fname); + parser.addOption ( "-tks_subsystem_cert_subject_name %s #TKS subsystem cert subject name", x_tks_subsystem_cert_subject_name); @@ -1056,6 +1070,8 @@ public class ConfigureTKS System.exit(-1); } + parser.checkRequiredArgs(); + // set variables cs_hostname = x_cs_hostname.value; cs_port = x_cs_port.value; @@ -1098,6 +1114,11 @@ public class ConfigureTKS agent_cert_subject = x_agent_cert_subject.value; backup_pwd = x_backup_pwd.value; + if ((x_backup_fname.value == null) || (x_backup_fname.equals(""))) { + backup_fname = "/root/tmp-tks.p12"; + } else { + backup_fname = x_backup_fname.value; + } tks_subsystem_cert_subject_name = x_tks_subsystem_cert_subject_name.value; diff --git a/pki/base/silent/src/tps/ConfigureTPS.java b/pki/base/silent/src/tps/ConfigureTPS.java index 2c3d24da3..7b997d51f 100644 --- a/pki/base/silent/src/tps/ConfigureTPS.java +++ b/pki/base/silent/src/tps/ConfigureTPS.java @@ -1053,7 +1053,7 @@ public class ConfigureTPS parser.addOption ("-token_name %s #HSM/Software Token name", x_token_name); - parser.addOption ("-token_pwd %s #HSM/Software Token password", + parser.addOption ("-token_pwd %s #HSM/Software Token password (optional, required for HSM)", x_token_pwd); parser.addOption ("-key_size %s #Key Size", x_key_size); @@ -1109,6 +1109,8 @@ public class ConfigureTPS System.exit(-1); } + parser.checkRequiredArgs(); + // set variables cs_hostname = x_cs_hostname.value; cs_port = x_cs_port.value; |