diff options
Diffstat (limited to 'base/deploy/src/scriptlets/pkijython.py')
-rw-r--r-- | base/deploy/src/scriptlets/pkijython.py | 50 |
1 files changed, 30 insertions, 20 deletions
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index e6098b01a..595dde2fc 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -350,25 +350,34 @@ class rest_client: data.setAdminPassword(self.sensitive['pki_admin_password']) data.setAdminProfileID(self.master['pki_admin_profile_id']) data.setAdminUID(self.master['pki_admin_uid']) - data.setAdminSubjectDN(self.master['pki_admin_subject_dn']) - if self.master['pki_admin_cert_request_type'] == "crmf": - data.setAdminCertRequestType("crmf") - if config.str2bool(self.master['pki_admin_dualkey']): - crmf_request = generateCRMFRequest( - token, - self.master['pki_admin_keysize'], - self.master['pki_admin_subject_dn'], - "true") - else: - crmf_request = generateCRMFRequest( - token, - self.master['pki_admin_keysize'], - self.master['pki_admin_subject_dn'], - "false") - data.setAdminCertRequest(crmf_request) + if config.str2bool(self.master['pki_use_common_admin_user']): + data.setUseCommonAdmin("true") + # read config from file + f = open(self.master['pki_admin_cert_file']) + b64 = f.read().replace('\n','') + f.close() + data.setAdminCert(b64) else: - javasystem.out.println(log.PKI_JYTHON_CRMF_SUPPORT_ONLY) - javasystem.exit(1) + data.setUseCommonAdmin("false") + data.setAdminSubjectDN(self.master['pki_admin_subject_dn']) + if self.master['pki_admin_cert_request_type'] == "crmf": + data.setAdminCertRequestType("crmf") + if config.str2bool(self.master['pki_admin_dualkey']): + crmf_request = generateCRMFRequest( + token, + self.master['pki_admin_keysize'], + self.master['pki_admin_subject_dn'], + "true") + else: + crmf_request = generateCRMFRequest( + token, + self.master['pki_admin_keysize'], + self.master['pki_admin_subject_dn'], + "false") + data.setAdminCertRequest(crmf_request) + else: + javasystem.out.println(log.PKI_JYTHON_CRMF_SUPPORT_ONLY) + javasystem.exit(1) def create_system_cert(self, tag): cert = SystemCertData() @@ -569,13 +578,14 @@ class rest_client: javasystem.out.println(log.PKI_JYTHON_CDATA_REQUEST + " " +\ cdata.getRequest()) # Cloned PKI subsystems do not return an Admin Certificate - if not config.str2bool(master['pki_clone']): + if not config.str2bool(master['pki_clone']) and \ + not config.str2bool(master['pki_use_common_admin_user']): admin_cert = response.getAdminCert().getCert() javasystem.out.println(log.PKI_JYTHON_RESPONSE_ADMIN_CERT +\ " " + admin_cert) # Store the Administration Certificate in a file admin_cert_file = os.path.join( - master['pki_client_dir'], + master['pki_database_path'], master['pki_client_admin_cert']) admin_cert_bin_file = admin_cert_file + ".der" javasystem.out.println(log.PKI_JYTHON_ADMIN_CERT_SAVE +\ |