Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java')
-rw-r--r--base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java117
1 files changed, 13 insertions, 104 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index 9b83830a2..03e4915bf 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -3204,7 +3204,7 @@ public class ConfigurationUtils {
x509key = getECCX509Key(config, certTag);
}
- if (findCertificate(tokenname, nickname)) {
+ if (CertUtil.findCertificate(tokenname, nickname)) {
if (!certTag.equals("sslserver"))
return;
}
@@ -3220,10 +3220,10 @@ public class ConfigurationUtils {
try {
CMS.debug("handleCerts(): deleting existing cert");
- if (certTag.equals("sslserver") && findBootstrapServerCert())
- deleteBootstrapServerCert();
- if (findCertificate(tokenname, nickname))
- deleteCert(tokenname, nickname);
+ if (certTag.equals("sslserver") && CertUtil.findBootstrapServerCert())
+ CertUtil.deleteBootstrapServerCert();
+ if (CertUtil.findCertificate(tokenname, nickname))
+ CertUtil.deleteCert(tokenname, nickname);
CMS.debug("handleCerts(): importing new cert");
if (certTag.equals("signing") && subsystem.equals("ca"))
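Review bot: The four-line find-then-delete sequence in this hunk (`@@ -3220`) is repeated in the hunks at `@@ -3249` and `@@ -3319`, here without braces on the second `if` and there with them. Now that the helpers are called through CertUtil, a single wrapper next to them would keep the three call sites from drifting apart, for example `CertUtil.deleteExistingCert(certTag, tokenname, nickname);` (a suggested name, not an existing method). Whichever form stays, it deserves a comment such as `// remove the self-signed bootstrap cert and any cert with the same nickname before importing`. The enclosing `try` and its `catch` lie outside this hunk.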
@@ -3249,10 +3249,10 @@ public class ConfigurationUtils {
String b64chain = cert.getCertChain();
try {
- if (certTag.equals("sslserver") && findBootstrapServerCert())
- deleteBootstrapServerCert();
- if (findCertificate(tokenname, nickname)) {
- deleteCert(tokenname, nickname);
+ if (certTag.equals("sslserver") && CertUtil.findBootstrapServerCert())
+ CertUtil.deleteBootstrapServerCert();
+ if (CertUtil.findCertificate(tokenname, nickname)) {
+ CertUtil.deleteCert(tokenname, nickname);
}
} catch (Exception e) {
CMS.debug(e);
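Review bot: The `catch (Exception e)` after the CertUtil calls, here and again in the hunk at `@@ -3319`, shows only `CMS.debug(e)` inside the hunk, so a failed lookup or delete of the old certificate may be logged at debug level and then ignored. If CertUtil.findCertificate behaves like the method removed at the end of this diff, it throws an IOException when a certificate with the same nickname already exists on an HSM during pre-op. This catch would absorb exactly that condition before the new certificate is imported. Consider catching the token exceptions narrowly and letting the IOException propagate, or, if continuing is intended, saying so with `// best effort: import proceeds even if the old cert could not be removed`. The catch body continues outside the hunk, so this needs checking against the full method.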
@@ -3319,10 +3319,10 @@ public class ConfigurationUtils {
CMS.debug("handleCerts(): deleting existing cert");
try {
- if (certTag.equals("sslserver") && findBootstrapServerCert())
- deleteBootstrapServerCert();
- if (findCertificate(tokenname, nickname)) {
- deleteCert(tokenname, nickname);
+ if (certTag.equals("sslserver") && CertUtil.findBootstrapServerCert())
+ CertUtil.deleteBootstrapServerCert();
+ if (CertUtil.findCertificate(tokenname, nickname)) {
+ CertUtil.deleteCert(tokenname, nickname);
}
} catch (Exception e) {
CMS.debug(e);
@@ -3383,97 +3383,6 @@ public class ConfigurationUtils {
}
}
- public static boolean findCertificate(String tokenname, String nickname) throws NotInitializedException,
- TokenException, IOException {
- IConfigStore cs = CMS.getConfigStore();
- CryptoManager cm = CryptoManager.getInstance();
-
- String fullnickname = nickname;
- boolean hardware = false;
- if (!CryptoUtil.isInternalToken(tokenname)) {
- hardware = true;
- fullnickname = tokenname + ":" + nickname;
- }
-
- X509Certificate cert = null;
- try {
- cert = cm.findCertByNickname(fullnickname);
- } catch (ObjectNotFoundException e) {
- return false;
- }
-
- if (cert == null)
- return false;
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.CertRequestPanel.done"); // check for errors
- } catch (Exception e) {
- if (hardware) {
- CMS.debug("ConfigurationUtils: findCertificate: The certificate with the same nickname: "
- + fullnickname + " has been found on HSM. Please remove it before proceeding.");
- throw new IOException("The certificate with the same nickname: "
- + fullnickname + " has been found on HSM. Please remove it before proceeding.", e);
- }
- }
- return true;
- }
-
- public static boolean findBootstrapServerCert() throws EBaseException, NotInitializedException, TokenException {
- IConfigStore cs = CMS.getConfigStore();
-
- String nickname = cs.getString("preop.cert.sslserver.nickname");
-
- CryptoManager cm = CryptoManager.getInstance();
- X509Certificate cert;
- try {
- cert = cm.findCertByNickname(nickname);
- } catch (ObjectNotFoundException e) {
- return false;
- }
- Principal issuerDN = cert.getIssuerDN();
- Principal subjectDN = cert.getSubjectDN();
- if (issuerDN.equals(subjectDN))
- return true;
-
- return false;
- }
-
- public static void deleteBootstrapServerCert() throws EBaseException, NotInitializedException,
- NoSuchTokenException, TokenException {
- IConfigStore cs = CMS.getConfigStore();
- String nickname = cs.getString("preop.cert.sslserver.nickname");
- deleteCert(CryptoUtil.INTERNAL_TOKEN_FULL_NAME, nickname);
- }
-
- public static void deleteCert(String tokenname, String nickname) throws NotInitializedException,
- NoSuchTokenException, TokenException {
-
- CryptoManager cm = CryptoManager.getInstance();
- CryptoToken tok = CryptoUtil.getKeyStorageToken(tokenname);
- CryptoStore store = tok.getCryptoStore();
- String fullnickname = nickname;
- if (!CryptoUtil.isInternalToken(tokenname))
- fullnickname = tokenname + ":" + nickname;
-
- CMS.debug("deleteCert: nickname=" + fullnickname);
- X509Certificate cert;
- try {
- cert = cm.findCertByNickname(fullnickname);
- } catch (ObjectNotFoundException e) {
- CMS.debug("deleteCert: cert not found");
- return;
- }
-
- if (store instanceof PK11Store) {
- PK11Store pk11store = (PK11Store) store;
- try {
- pk11store.deleteCertOnly(cert);
- } catch (NoSuchItemOnTokenException e) {
- }
- CMS.debug("deleteCert: cert deleted successfully");
- }
- }
-
public static void backupKeys(String pwd, String fname) throws Exception {
CMS.debug("backupKeys(): start");