diff options
Diffstat (limited to 'pki/base/common/src/com')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java | 44 | ||||
-rw-r--r-- | pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java | 7 |
2 files changed, 39 insertions, 12 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index 6c12c43b4..77ac6437e 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -2275,23 +2275,45 @@ private void createMasterKey(HttpServletRequest req, // nickname). // + CMS.debug("CMSAdminServlet.installCert(): About to try jssSubSystem.importCert: "+ nicknameWithoutTokenName); try { jssSubSystem.importCert(pkcs, nicknameWithoutTokenName, certType); } catch (EBaseException e) { - // if it fails, let use a different nickname to try - Date now = new Date(); - String newNickname = nicknameWithoutTokenName + "-" + + + boolean certFound = false; + + String eString = e.toString(); + if(eString.contains("Failed to find certificate that was just imported")) { + CMS.debug("CMSAdminServlet.installCert(): nickname="+nicknameWithoutTokenName + " TokenException: " + eString); + + X509Certificate cert = null; + try { + cert = CryptoManager.getInstance().findCertByNickname(nickname); + if (cert != null) { + certFound = true; + } + CMS.debug("CMSAdminServlet.installCert() Found cert just imported: " + nickname); + } catch (Exception ex) { + CMS.debug("CMSAdminServlet.installCert() Can't find cert just imported: " + ex.toString()); + } + } + + if (!certFound) { + // if it fails, let use a different nickname to try + Date now = new Date(); + String newNickname = nicknameWithoutTokenName + "-" + now.getTime(); - jssSubSystem.importCert(pkcs, newNickname, certType); - nicknameWithoutTokenName = newNickname; - if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) { - nickname = newNickname; - } else { - nickname = tokenName + ":" + newNickname; - } - CMS.debug("CMSAdminServlet: installCert(): nickname="+nickname); + jssSubSystem.importCert(pkcs, newNickname, certType); + nicknameWithoutTokenName = newNickname; + if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) { + nickname = newNickname; + } else { + nickname = tokenName + ":" + newNickname; + } + CMS.debug("CMSAdminServlet: installCert(): After second install attempt following initial error: nickname="+nickname); + } } if (certType.equals(Constants.PR_CA_SIGNING_CERT)) { diff --git a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java index cf63a770b..13b08024a 100644 --- a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java @@ -848,8 +848,13 @@ public final class JssSubsystem implements ICryptoSubsystem { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString())); throw new EBaseException(CMS.getUserMessage("CMS_BASE_CRYPTOMANAGER_UNINITIALIZED")); } catch (TokenException e) { + String eString = e.toString(); log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString())); - throw new EBaseException(CMS.getUserMessage("CMS_BASE_TOKEN_NOT_FOUND", "")); + if (eString.contains("Failed to find certificate that was just imported")) { + throw new EBaseException(eString); + } else { + throw new EBaseException(CMS.getUserMessage("CMS_BASE_TOKEN_NOT_FOUND", "")); + } } catch (UserCertConflictException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString())); throw new EBaseException(CMS.getUserMessage("CMS_BASE_USERCERT_CONFLICT")); |