diff options
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | 15 | ||||
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/csadmin/GetCertChain.java | 21 |
2 files changed, 30 insertions, 6 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index 92a901791..ed70a099a 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -289,9 +289,20 @@ public class ConfigurationUtils { // separate individual certs in chain for display byte[] decoded = CryptoUtil.base64Decode(certchain); java.security.cert.X509Certificate[] b_certchain = CryptoUtil.getX509CertificateFromPKCS7(decoded); - int size = 0; - if (b_certchain != null) { + int size; + + if (b_certchain == null) { + CMS.debug("ConfigurationUtils: no certificate chain"); + + size = 0; + + } else { + CMS.debug("ConfigurationUtils: certificate chain:"); + for (java.security.cert.X509Certificate cert : b_certchain) { + CMS.debug("ConfigurationUtils: - " + cert.getSubjectDN()); + } + size = b_certchain.length; } diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetCertChain.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetCertChain.java index 8cc0f85d6..df60d4230 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetCertChain.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetCertChain.java @@ -19,6 +19,7 @@ package com.netscape.cms.servlet.csadmin; import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.security.cert.X509Certificate; import java.util.Locale; import javax.servlet.ServletConfig; @@ -26,8 +27,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import netscape.security.x509.CertificateChain; - import org.w3c.dom.Node; import com.netscape.certsrv.apps.CMS; @@ -39,6 +38,8 @@ import com.netscape.cms.servlet.base.UserInfo; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cmsutil.xml.XMLObject; +import netscape.security.x509.CertificateChain; + public class GetCertChain extends CMSServlet { /** @@ -70,17 +71,29 @@ public class GetCertChain extends CMSServlet { * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { + HttpServletResponse httpResp = cmsReq.getHttpResp(); CertificateChain certChain = ((ICertAuthority) mAuthority).getCACertChain(); if (certChain == null) { - CMS.debug( - "GetCertChain displayChain: cannot get the certificate chain."); + CMS.debug("GetCertChain: cannot get the certificate chain."); outputError(httpResp, "Error: Failed to get certificate chain."); return; } + X509Certificate[] certs = certChain.getChain(); + + if (certs == null) { + CMS.debug("GetCertChain: no certificate chain"); + + } else { + CMS.debug("GetCertChain: certificate chain:"); + for (X509Certificate cert : certs) { + CMS.debug("GetCertChain: - " + cert.getSubjectDN()); + } + } + byte[] bytes = null; try { |