-rwxr-xr-xpki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm55
-rwxr-xr-xpki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm2
-rwxr-xr-xpki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm53
-rwxr-xr-xpki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm2
4 files changed, 107 insertions, 5 deletions
diff --git a/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm b/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm
index 901be9a34..b2d235eaa 100755
--- a/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm
+++ b/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm
@@ -85,17 +85,26 @@ sub update
my $instanceID = $::config->get("service.instanceID");
my $host = "";
my $https_ee_port = "";
+ my $https_admin_port = "";
if ($count =~ /http/) {
my $info = new URI::URL($count);
$host = $info->host;
$https_ee_port = $info->port;
+ $https_admin_port = get_secure_admin_port_from_domain_xml($host,
+ $https_ee_port);
+ if( $https_admin_port eq "" ) {
+ $::symbol{errorString} = "missing secure CA admin port. CA must be installed prior to RA installation";
+ return 0;
+ }
} else {
$host = $::config->get("preop.securitydomain.ca$count.host");
$https_ee_port = $::config->get("preop.securitydomain.ca$count.secureport");
+ $https_admin_port = $::config->get("preop.securitydomain.ca$count.secureadminport");
}
- if (($host eq "") || ($https_ee_port eq "")) {
- $::symbol{errorString} = "no CA found. CA, TKS and optionally DRM must be installed prior to RA installation";
+
+ if (($host eq "") || ($https_ee_port eq "") || ($https_admin_port eq "")) {
+ $::symbol{errorString} = "no CA found. CA must be installed prior to RA installation";
return 0;
}
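Review bot: The widened guard in update only rejects an empty `$https_admin_port`, although the value comes either from the security domain's XML or from `preop.securitydomain.ca$count.secureadminport`. The next hunk concatenates it into `conn.ca1.hostadminport`, and ImportAdminCertPanel later builds an `https://` URL from that key. Checking that it is a port number at this point, e.g. adding `|| ($https_admin_port !~ /\A\d{1,5}\z/)` to the condition, would keep a malformed domain entry out of the stored configuration. The same guard is in the TPS copy of update (hunk `@@ -84,16 +84,25 @@`), and the body of update continues outside this hunk.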
@@ -107,6 +116,7 @@ sub update
my $subsystemCertNickName = $::config->get("preop.cert.subsystem.nickname");
$::config->put("conn.ca1.clientNickname", $subsystemCertNickName);
$::config->put("conn.ca1.hostport", $host . ":" . $https_ee_port);
+ $::config->put("conn.ca1.hostadminport", $host . ":" . $https_admin_port);
$::config->commit();
@@ -190,4 +200,45 @@ DONE:
return 1;
}
+sub get_secure_admin_port_from_domain_xml
+{
+ my $host = $1;
+ my $https_ee_port = $2;
+
+ # get the domain xml
+ # e. g. - https://water.sfbay.redhat.com:9445/ca/admin/ca/getDomainXML
+
+ my $nickname = $::config->get("preop.cert.sslserver.nickname");
+ my $instanceID = $::config->get("service.instanceID");
+ my $instanceDir = $::config->get("service.instanceDir");
+ my $db_password = `grep \"internal:\" \"$instanceDir/conf/password.conf\" | cut -c10-`;
+ $db_password =~ s/\n$//g;
+
+ my $sd_host = $::config->get("securitydomain.host");
+ my $sd_admin_port = $::config->get("securitydomain.httpsadminport");
+ my $content = `/usr/bin/sslget -d \"$instanceDir/alias\" -p \"$db_password\" -v -n \"$nickname\" -r \"/ca/admin/ca/getDomainXML\" $sd_host:$sd_admin_port`;
+
+ $content =~ /(\<XMLResponse\>.*\<\/XMLResponse\>)/;
+ $content = $1;
+
+ # Retrieve the secure admin port corresponding
+ # to the selected host and secure ee port.
+ my $parser = XML::Simple->new();
+ my $response = $parser->XMLin($content);
+ my $xml = $parser->XMLin( $response->{'DomainInfo'},
+ ForceArray => 1 );
+ my $https_admin_port = "";
+ my $count = 0;
+ foreach my $c (@{$xml->{'CAList'}[0]->{'CA'}}) {
+ if( ( $host eq $c->{'Host'}[0] ) &&
+ ( $https_ee_port eq $c->{'SecurePort'}[0] ) ) {
+ $https_admin_port = https_$c->{'SecureAdminPort'}[0];
+ }
+
+ $count++;
+ }
+
+ return $https_admin_port;
+}
+
1;
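Review bot: get_secure_admin_port_from_domain_xml reads its arguments from `$1` and `$2`, which are regex capture variables rather than the sub's parameters, so `$host` and `$https_ee_port` never hold what the caller passed; it should be `my ($host, $https_ee_port) = @_;`. The assignment `$https_admin_port = https_$c->{'SecureAdminPort'}[0];` appears not to be valid Perl (a bareword directly followed by a scalar) and presumably should be `$https_admin_port = $c->{'SecureAdminPort'}[0];`. The `<XMLResponse>` match is also unchecked, so when sslget fails `$content = $1` picks up a stale or undefined capture and `XMLin` is called on it; `return "" unless $content =~ /(\<XMLResponse\>.*\<\/XMLResponse\>)/s;` would fail cleanly. The TPS copy of this sub (hunk `@@ -189,4 +199,45 @@`) has the same three lines.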
diff --git a/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm b/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm
index 54159a336..80cbd523f 100755
--- a/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm
+++ b/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm
@@ -123,7 +123,7 @@ sub display
&PKI::RA::Wizard::debug_log("ImportAdminCertPanel: display");
# my $cainfo = $::config->get("preop.cainfo.select");
- my $cainfo = "https://".$::config->get("conn.ca1.hostport");
+ my $cainfo = "https://".$::config->get("conn.ca1.hostadminport");
my $cainfo_url = new URI::URL($cainfo);
my $serialNumber = $::config->get("preop.admincert.serialno.0");
diff --git a/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm
index eb789dc6b..a08f059b9 100755
--- a/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm
+++ b/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm
@@ -84,16 +84,25 @@ sub update
my $instanceID = $::config->get("service.instanceID");
my $host = "";
my $https_ee_port = "";
+ my $https_admin_port = "";
if ($count =~ /http/) {
my $info = new URI::URL($count);
$host = $info->host;
$https_ee_port = $info->port;
+ $https_admin_port = get_secure_admin_port_from_domain_xml($host,
+ $https_ee_port);
+ if( $https_admin_port eq "" ) {
+ $::symbol{errorString} = "missing secure CA admin port. CA, TKS and optionally DRM must be installed prior to TPS installation";
+ return 0;
+ }
} else {
$host = $::config->get("preop.securitydomain.ca$count.host");
$https_ee_port = $::config->get("preop.securitydomain.ca$count.secureport");
+ $https_admin_port = $::config->get("preop.securitydomain.ca$count.secureadminport");
}
- if (($host eq "") || ($https_ee_port eq "")) {
+
+ if (($host eq "") || ($https_ee_port eq "") || ($https_admin_port eq "")) {
$::symbol{errorString} = "no CA found. CA, TKS and optionally DRM must be installed prior to TPS installation";
return 0;
}
@@ -106,6 +115,7 @@ sub update
my $subsystemCertNickName = $::config->get("preop.cert.subsystem.nickname");
$::config->put("conn.ca1.clientNickname", $subsystemCertNickName);
$::config->put("conn.ca1.hostport", $host . ":" . $https_ee_port);
+ $::config->put("conn.ca1.hostadminport", $host . ":" . $https_admin_port);
$::config->commit();
@@ -189,4 +199,45 @@ DONE:
return 1;
}
+sub get_secure_admin_port_from_domain_xml
+{
+ my $host = $1;
+ my $https_ee_port = $2;
+
+ # get the domain xml
+ # e. g. - https://water.sfbay.redhat.com:9445/ca/admin/ca/getDomainXML
+
+ my $nickname = $::config->get("preop.cert.sslserver.nickname");
+ my $instanceID = $::config->get("service.instanceID");
+ my $instanceDir = $::config->get("service.instanceDir");
+ my $db_password = `grep \"internal:\" \"$instanceDir/conf/password.conf\" | cut -c10-`;
+ $db_password =~ s/\n$//g;
+
+ my $sd_host = $::config->get("securitydomain.host");
+ my $sd_admin_port = $::config->get("securitydomain.httpsadminport");
+ my $content = `/usr/bin/sslget -d \"$instanceDir/alias\" -p \"$db_password\" -v -n \"$nickname\" -r \"/ca/admin/ca/getDomainXML\" $sd_host:$sd_admin_port`;
+
+ $content =~ /(\<XMLResponse\>.*\<\/XMLResponse\>)/;
+ $content = $1;
+
+ # Retrieve the secure admin port corresponding
+ # to the selected host and secure ee port.
+ my $parser = XML::Simple->new();
+ my $response = $parser->XMLin($content);
+ my $xml = $parser->XMLin( $response->{'DomainInfo'},
+ ForceArray => 1 );
+ my $https_admin_port = "";
+ my $count = 0;
+ foreach my $c (@{$xml->{'CAList'}[0]->{'CA'}}) {
+ if( ( $host eq $c->{'Host'}[0] ) &&
+ ( $https_ee_port eq $c->{'SecurePort'}[0] ) ) {
+ $https_admin_port = https_$c->{'SecureAdminPort'}[0];
+ }
+
+ $count++;
+ }
+
+ return $https_admin_port;
+}
+
1;
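Review bot: The two backtick commands in get_secure_admin_port_from_domain_xml interpolate `$instanceDir`, `$db_password`, `$nickname`, `$sd_host` and `$sd_admin_port` into a shell string, so a password or nickname containing `"`, `$` or a backtick is interpreted by the shell instead of being passed through. Reading password.conf in Perl and running sslget through list-form `open` removes the shell from both steps. The password is still passed in argv and is visible in the process list while sslget runs, so a password-file option would be preferable if sslget has one. The RA copy of this sub (hunk `@@ -190,4 +200,45 @@`) has the same two commands.

```perl
# … unchanged: argument unpacking, $nickname / $instanceID / $instanceDir lookups …
my $db_password = "";
open(my $pw_fh, '<', "$instanceDir/conf/password.conf")
    or return "";
while (my $line = <$pw_fh>) {
    chomp $line;
    if ($line =~ /^internal:(.*)$/) {
        $db_password = $1;
        last;
    }
}
close($pw_fh);

# … unchanged: $sd_host / $sd_admin_port lookups …
open(my $sslget_fh, '-|', '/usr/bin/sslget',
     '-d', "$instanceDir/alias", '-p', $db_password, '-v',
     '-n', $nickname, '-r', '/ca/admin/ca/getDomainXML',
     "$sd_host:$sd_admin_port")
    or return "";
my $content = do { local $/; <$sslget_fh> };
close($sslget_fh);
# … unchanged: XMLResponse extraction and CAList lookup …
```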
diff --git a/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm
index 1112319ca..343b8b95f 100755
--- a/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm
+++ b/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm
@@ -122,7 +122,7 @@ sub display
&PKI::TPS::Wizard::debug_log("ImportAdminCertPanel: display");
# my $cainfo = $::config->get("preop.cainfo.select");
- my $cainfo = "https://".$::config->get("conn.ca1.hostport");
+ my $cainfo = "https://".$::config->get("conn.ca1.hostadminport");
my $cainfo_url = new URI::URL($cainfo);
my $serialNumber = $::config->get("preop.admincert.serialno.0");