summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java44
-rw-r--r--pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java7
2 files changed, 39 insertions, 12 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
index 6c12c43b4..77ac6437e 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
@@ -2275,23 +2275,45 @@ private void createMasterKey(HttpServletRequest req,
// nickname).
//
+ CMS.debug("CMSAdminServlet.installCert(): About to try jssSubSystem.importCert: "+ nicknameWithoutTokenName);
try {
jssSubSystem.importCert(pkcs, nicknameWithoutTokenName,
certType);
} catch (EBaseException e) {
- // if it fails, let use a different nickname to try
- Date now = new Date();
- String newNickname = nicknameWithoutTokenName + "-" +
+
+ boolean certFound = false;
+
+ String eString = e.toString();
+ if(eString.contains("Failed to find certificate that was just imported")) {
+ CMS.debug("CMSAdminServlet.installCert(): nickname="+nicknameWithoutTokenName + " TokenException: " + eString);
+
+ X509Certificate cert = null;
+ try {
+ cert = CryptoManager.getInstance().findCertByNickname(nickname);
+ if (cert != null) {
+ certFound = true;
+ }
+ CMS.debug("CMSAdminServlet.installCert() Found cert just imported: " + nickname);
+ } catch (Exception ex) {
+ CMS.debug("CMSAdminServlet.installCert() Can't find cert just imported: " + ex.toString());
+ }
+ }
+
+ if (!certFound) {
+ // if it fails, let use a different nickname to try
+ Date now = new Date();
+ String newNickname = nicknameWithoutTokenName + "-" +
now.getTime();
- jssSubSystem.importCert(pkcs, newNickname, certType);
- nicknameWithoutTokenName = newNickname;
- if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) {
- nickname = newNickname;
- } else {
- nickname = tokenName + ":" + newNickname;
- }
- CMS.debug("CMSAdminServlet: installCert(): nickname="+nickname);
+ jssSubSystem.importCert(pkcs, newNickname, certType);
+ nicknameWithoutTokenName = newNickname;
+ if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) {
+ nickname = newNickname;
+ } else {
+ nickname = tokenName + ":" + newNickname;
+ }
+ CMS.debug("CMSAdminServlet: installCert(): After second install attempt following initial error: nickname="+nickname);
+ }
}
if (certType.equals(Constants.PR_CA_SIGNING_CERT)) {
diff --git a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
index cf63a770b..13b08024a 100644
--- a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java
@@ -848,8 +848,13 @@ public final class JssSubsystem implements ICryptoSubsystem {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString()));
throw new EBaseException(CMS.getUserMessage("CMS_BASE_CRYPTOMANAGER_UNINITIALIZED"));
} catch (TokenException e) {
+ String eString = e.toString();
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString()));
- throw new EBaseException(CMS.getUserMessage("CMS_BASE_TOKEN_NOT_FOUND", ""));
+ if (eString.contains("Failed to find certificate that was just imported")) {
+ throw new EBaseException(eString);
+ } else {
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_TOKEN_NOT_FOUND", ""));
+ }
} catch (UserCertConflictException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_IMPORT_CERT", e.toString()));
throw new EBaseException(CMS.getUserMessage("CMS_BASE_USERCERT_CONFLICT"));