diff options
Diffstat (limited to 'base/java-tools/src/com/netscape')
3 files changed, 48 insertions, 15 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java index 4d63d9bc1..159e4ac5a 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java @@ -23,8 +23,10 @@ import java.io.Console; import java.io.File; import java.io.FileReader; import java.io.IOException; +import java.io.InputStreamReader; import java.lang.reflect.Field; import java.net.InetAddress; +import java.net.URI; import java.net.UnknownHostException; import java.util.Collection; import java.util.HashSet; @@ -39,6 +41,7 @@ import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; import org.mozilla.jss.util.IncorrectPasswordException; import org.mozilla.jss.util.Password; +import com.netscape.certsrv.ca.CAClient; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; import com.netscape.certsrv.client.PKIConnection; @@ -269,6 +272,36 @@ public class MainCLI extends CLI { return promptForPassword("Enter Password: "); } + public static CAClient createCAClient(PKIClient client) throws Exception { + + ClientConfig config = client.getConfig(); + CAClient caClient = new CAClient(client); + + while (!caClient.exists()) { + System.err.println("ERROR: CA subsystem not available"); + + URI serverURI = config.getServerURI(); + String uri = serverURI.getScheme() + "://" + serverURI.getHost() + ":" + serverURI.getPort(); + + System.out.print("CA server URI [" + uri + "]: "); + System.out.flush(); + + BufferedReader reader = new BufferedReader(new InputStreamReader(System.in)); + String line = reader.readLine().trim(); + if (!line.equals("")) { + uri = line; + } + + config = new ClientConfig(client.getConfig()); + config.setServerURI(uri); + + client = new PKIClient(config); + caClient = new CAClient(client); + } + + return caClient; + } + public void parseOptions(CommandLine cmd) throws Exception { verbose = cmd.hasOption("v"); @@ -465,13 +498,14 @@ public class MainCLI extends CLI { client = new PKIClient(config, null); client.setVerbose(verbose); - PKIConnection connection = client.getConnection(); - connection.setRejectedCertStatuses(rejectedCertStatuses); - connection.setIgnoredCertStatuses(ignoredCertStatuses); + client.setRejectedCertStatuses(rejectedCertStatuses); + client.setIgnoredCertStatuses(ignoredCertStatuses); if (output != null) { File file = new File(output); file.mkdirs(); + + PKIConnection connection = client.getConnection(); connection.setOutput(file); } } diff --git a/base/java-tools/src/com/netscape/cmstools/cli/SubsystemCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/SubsystemCLI.java index 310a4c29c..b28271dd7 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/SubsystemCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/SubsystemCLI.java @@ -48,17 +48,15 @@ public class SubsystemCLI extends CLI { init(); - try { - // login if username or nickname is specified - ClientConfig config = getClient().getConfig(); - if (config.getUsername() != null || config.getCertNickname() != null) { - login(); - } + // login if username or nickname is specified + ClientConfig config = getClient().getConfig(); + if (config.getUsername() != null || config.getCertNickname() != null) { + login(); + } - super.execute(args); + super.execute(args); - } finally { - logout(); - } + // logout if there is no failures + logout(); } } diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserCertAddCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserCertAddCLI.java index 4425e7003..3e96c1dee 100644 --- a/base/java-tools/src/com/netscape/cmstools/user/UserCertAddCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/user/UserCertAddCLI.java @@ -25,6 +25,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; import org.apache.commons.io.FileUtils; +import com.netscape.certsrv.ca.CAClient; import com.netscape.certsrv.cert.CertClient; import com.netscape.certsrv.cert.CertData; import com.netscape.certsrv.dbs.certdb.CertId; @@ -114,8 +115,8 @@ public class UserCertAddCLI extends CLI { System.out.println("Downloading certificate " + serialNumber + "."); } - client = parent.getClient(); - CertClient certClient = new CertClient(client, "ca"); + CAClient caClient = MainCLI.createCAClient(parent.getClient()); + CertClient certClient = new CertClient(caClient); CertData certData = certClient.getCert(new CertId(serialNumber)); encoded = certData.getEncoded(); |