diff options
5 files changed, 46 insertions, 18 deletions
diff --git a/base/common/python/pki/nssdb.py b/base/common/python/pki/nssdb.py index 9d276332a..503bd412b 100644 --- a/base/common/python/pki/nssdb.py +++ b/base/common/python/pki/nssdb.py @@ -543,7 +543,9 @@ class NSSDatabase(object): def export_pkcs12(self, pkcs12_file, pkcs12_password=None, pkcs12_password_file=None, - nicknames=None): + nicknames=None, + append=False, + debug=False): tmpdir = tempfile.mkdtemp() @@ -575,6 +577,12 @@ class NSSDatabase(object): '--pkcs12-password-file', password_file ]) + if append: + cmd.extend(['--append']) + + if debug: + cmd.extend(['--debug']) + if nicknames: cmd.extend(nicknames) diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12ExportCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12ExportCLI.java index fab5ecdda..728a9efd1 100644 --- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12ExportCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12ExportCLI.java @@ -61,7 +61,7 @@ public class PKCS12ExportCLI extends CLI { option.setArgName("path"); options.addOption(option); - options.addOption(null, "new-file", false, "Create a new PKCS #12 file"); + options.addOption(null, "append", false, "Append into an existing PKCS #12 file"); options.addOption(null, "no-trust-flags", false, "Do not include trust flags"); options.addOption(null, "no-key", false, "Do not include private key"); options.addOption(null, "no-chain", false, "Do not include certificate chain"); @@ -128,7 +128,7 @@ public class PKCS12ExportCLI extends CLI { Password password = new Password(passwordString.toCharArray()); - boolean newFile = cmd.hasOption("new-file"); + boolean append = cmd.hasOption("append"); boolean includeTrustFlags = !cmd.hasOption("no-trust-flags"); boolean includeKey = !cmd.hasOption("no-key"); boolean includeChain = !cmd.hasOption("no-chain"); @@ -139,13 +139,13 @@ public class PKCS12ExportCLI extends CLI { PKCS12 pkcs12; - if (newFile || !new File(filename).exists()) { - // if new file requested or file does not exist, create a new file - pkcs12 = new PKCS12(); + if (append && new File(filename).exists()) { + // if append requested and file exists, export into the existing file + pkcs12 = util.loadFromFile(filename, password); } else { - // otherwise, export into the existing file - pkcs12 = util.loadFromFile(filename, password); + // otherwise, create a new file + pkcs12 = new PKCS12(); } if (nicknames.length == 0) { diff --git a/base/server/cmscore/src/com/netscape/cmscore/base/PropConfigStore.java b/base/server/cmscore/src/com/netscape/cmscore/base/PropConfigStore.java index eb3f6c312..cc16e247d 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/base/PropConfigStore.java +++ b/base/server/cmscore/src/com/netscape/cmscore/base/PropConfigStore.java @@ -255,7 +255,7 @@ public class PropConfigStore implements IConfigStore, Cloneable { if (str == null) { CMS.traceHashKey(mDebugType, getFullName(name), "<notpresent>"); - throw new EPropertyNotFound(CMS.getUserMessage("CMS_BASE_GET_PROPERTY_FAILED", getName() + "." + name)); + throw new EPropertyNotFound(CMS.getUserMessage("CMS_BASE_GET_PROPERTY_FAILED", getFullName(name))); } // should we check for empty string ? // if (str.length() == 0) { diff --git a/base/server/python/pki/server/cli/instance.py b/base/server/python/pki/server/cli/instance.py index a779f3c16..4eeee5d60 100644 --- a/base/server/python/pki/server/cli/instance.py +++ b/base/server/python/pki/server/cli/instance.py @@ -76,7 +76,9 @@ class InstanceCertExportCLI(pki.cli.CLI): print(' --pkcs12-file <path> Output file to store the exported certificate and key in PKCS #12 format.') print(' --pkcs12-password <password> Password for the PKCS #12 file.') print(' --pkcs12-password-file <path> Input file containing the password for the PKCS #12 file.') + print(' --append Append into an existing PKCS #12 file.') print(' -v, --verbose Run in verbose mode.') + print(' --debug Run in debug mode.') print(' --help Show help message.') print() @@ -86,7 +88,7 @@ class InstanceCertExportCLI(pki.cli.CLI): opts, args = getopt.gnu_getopt(argv, 'i:v', [ 'instance=', 'pkcs12-file=', 'pkcs12-password=', 'pkcs12-password-file=', - 'verbose', 'help']) + 'append', 'verbose', 'debug', 'help']) except getopt.GetoptError as e: print('ERROR: ' + str(e)) @@ -99,6 +101,8 @@ class InstanceCertExportCLI(pki.cli.CLI): pkcs12_file = None pkcs12_password = None pkcs12_password_file = None + append = False + debug = False for o, a in opts: if o in ('-i', '--instance'): @@ -113,9 +117,15 @@ class InstanceCertExportCLI(pki.cli.CLI): elif o == '--pkcs12-password-file': pkcs12_password_file = a + elif o == '--append': + append = True + elif o in ('-v', '--verbose'): self.set_verbose(True) + elif o == '--debug': + debug = True + elif o == '--help': self.print_help() sys.exit() @@ -142,12 +152,12 @@ class InstanceCertExportCLI(pki.cli.CLI): pkcs12_file=pkcs12_file, pkcs12_password=pkcs12_password, pkcs12_password_file=pkcs12_password_file, - nicknames=nicknames) + nicknames=nicknames, + append=append, + debug=debug) finally: nssdb.close() - self.print_message('Exported certificates') - class InstanceFindCLI(pki.cli.CLI): diff --git a/base/server/python/pki/server/cli/subsystem.py b/base/server/python/pki/server/cli/subsystem.py index 5ab232cc1..fe395aad6 100644 --- a/base/server/python/pki/server/cli/subsystem.py +++ b/base/server/python/pki/server/cli/subsystem.py @@ -464,7 +464,9 @@ class SubsystemCertExportCLI(pki.cli.CLI): print(' --pkcs12-file <path> Output file to store the exported certificate and key in PKCS #12 format.') print(' --pkcs12-password <password> Password for the PKCS #12 file.') print(' --pkcs12-password-file <path> Input file containing the password for the PKCS #12 file.') + print(' --append Append into an existing PKCS #12 file.') print(' -v, --verbose Run in verbose mode.') + print(' --debug Run in debug mode.') print(' --help Show help message.') print() @@ -474,7 +476,7 @@ class SubsystemCertExportCLI(pki.cli.CLI): opts, args = getopt.gnu_getopt(argv, 'i:v', [ 'instance=', 'cert-file=', 'csr-file=', 'pkcs12-file=', 'pkcs12-password=', 'pkcs12-password-file=', - 'verbose', 'help']) + 'append', 'verbose', 'debug', 'help']) except getopt.GetoptError as e: print('ERROR: ' + str(e)) @@ -494,6 +496,8 @@ class SubsystemCertExportCLI(pki.cli.CLI): pkcs12_file = None pkcs12_password = None pkcs12_password_file = None + append = False + debug = False for o, a in opts: if o in ('-i', '--instance'): @@ -514,9 +518,15 @@ class SubsystemCertExportCLI(pki.cli.CLI): elif o == '--pkcs12-password-file': pkcs12_password_file = a + elif o == '--append': + append = True + elif o in ('-v', '--verbose'): self.set_verbose(True) + elif o == '--debug': + debug = True + elif o == '--help': self.print_help() sys.exit() @@ -526,7 +536,7 @@ class SubsystemCertExportCLI(pki.cli.CLI): self.print_help() sys.exit(1) - if not pkcs12_file: + if not (cert_file or csr_file or pkcs12_file): print('ERROR: missing output file') self.print_help() sys.exit(1) @@ -579,13 +589,13 @@ class SubsystemCertExportCLI(pki.cli.CLI): pkcs12_file=pkcs12_file, pkcs12_password=pkcs12_password, pkcs12_password_file=pkcs12_password_file, - nicknames=nicknames) + nicknames=nicknames, + append=append, + debug=debug) finally: nssdb.close() - self.print_message('Export complete') - class SubsystemCertUpdateCLI(pki.cli.CLI): |