summaryrefslogtreecommitdiffstats
path: root/base/java-tools/src/com/netscape/cmstools/cert
Commit message (Collapse)AuthorAgeFilesLines
* Added CLI options to simplify submitting CSR.Endi S. Dewata2015-11-161-10/+136
| | | | | | | | | | The pki ca-cert-request-submit command has been modified to provide options to specify the profile name and the CSR which will be used to create and populate the request object. This way it's no longer necessary to download the request template and insert the CSR manually. https://fedorahosted.org/pki/ticket/456
* Added support for directory-authenticated profiles in CLI.Endi S. Dewata2015-09-301-18/+29
| | | | | | | | The pki cert-request-submit and client-cert-request CLIs have been modified to provide options to specify the username and password for directory-authenticated certificate enrollments. https://fedorahosted.org/pki/ticket/1463
* Lightweight CAs: REST cert request param to specify authorityFraser Tweedale2015-09-261-1/+43
| | | | | | | | Add the optional "ca" query parameter for REST cert request submission. Also update the ca-cert-request-submit CLI command with an option to provide an AuthorityID. Part of: https://fedorahosted.org/pki/ticket/1213
* Fixed default cert-find filter.Endi S. Dewata2015-07-061-1/+0
| | | | | | | | To improve the performance the default LDAP filter generated by cert-find has been changed to (certStatus=*) to match an existing VLV index. https://fedorahosted.org/pki/ticket/1449
* Fixed pki help CLI.Endi S. Dewata2015-07-021-0/+5
| | | | | | A new findModules() method has been added to the CLI class to find the list of modules handling a command. The list will be used by the pki help CLI to find the proper man page for the specified command.
* Displaying request status in ca-cert-request-review.Endi S. Dewata2014-09-191-0/+4
| | | | | | | The ca-cert-request-review CLI has been modified to show the request status after completing the operation. Ticket #1149
* Added client-cert-request CLI.Endi S. Dewata2014-09-192-16/+14
| | | | | | | A new CLI has been added to simplify the process to request a user certificate for client certificate authentication. Ticket #1148
* Remove profile-ID argumentMatthew Harmsen2014-07-181-3/+3
| | | | | - PKI TRAC Ticket #992 - pki cert-request-profile-find doesn't display list of profiles by default
* Removed requestID parameter usage in [un]revoke request.Abhishek Koneru2014-05-161-4/+1
| | | | | | | | | | | | | | | | There seems to be no use of the requestID parameter in both revoke and unrevoke request. Removed requestID attribute in CertRevokeRequest remove the class CertUnrevokeRequest. Also made changes in RevocationProcesor to use the requestID of the request created in it. The setRequestID() is being called in the DoRevoke and DoUnRevoke servlets. Removed the call and a function auditRequesterId in both the classes. The auditRequestorId method tries to get a "requestID" stored as a INPUT field in the reasonToRequest page. The ReasonToRevoke class which generates this page does not set the value.
* Attempt to clarify pki-cert-request-review commandMatthew Harmsen2014-04-301-2/+13
| | | | | * PKI TRAC Ticket #585 - 'pki cert-request-review' --output creates a file only when --action attribute is not present
* Fixed issue by streamlining code to be more consistent.Matthew Harmsen2014-04-2911-230/+306
| | | | * PKI TRAC Ticket #843 - Incorrect CLI argument parsing
* CLI argument parsing and bad return codesMatthew Harmsen2014-04-1711-8/+58
| | | | | * PKI TRAC Ticket #843 - Incorrect CLI argument parsing * PKI TRAC Ticket #918 - CLI commands does not return code '1' for the failures
* Updated REST interface for certificate requests.Endi S. Dewata2014-02-181-1/+1
| | | | | | | The REST interface for certificate requests has been modified to return Response objects to allow better handling of server responses. Ticket #554
* Added paging on all find commands.Endi S. Dewata2013-11-144-32/+55
| | | | | | The find commands in some REST services have been modified to support paging to be consistent with others. The other find commands have been cleaned up as well.
* Added checks for CertRequest and Cert ResourcesAde Lee2013-11-071-1/+1
| | | | Ticket 749
* Modify output file option for cert-request-review command.Abhishek Koneru2013-10-311-3/+3
| | | | | | | | Change the --output option to --file for providing a file to store the certificate request to be reviewed using the cert-request-review cli command. Update the man page entry for the same. Ticket #674
* Cleaned up CertEnrollmentRequest.Endi S. Dewata2013-10-251-13/+15
| | | | | The CertEnrollmentRequest, ProfileInput, ProfileAttribute, and Descriptor have been cleaned up to fix some bugs and minor formatting issues.
* Added CA certificate CLI.Endi S. Dewata2013-10-081-5/+9
| | | | | The ca-cert-* commands have been added to eventually replace cert-*. The CATest has been updated to use the CertClient directly.
* Fixed CLI authentication issue.Endi S. Dewata2013-10-011-1/+8
| | | | | | | Previously the CLI authentication could fail because it's using a fixed default subsystem which may not match the command it's trying to execute. The CLI has now been modified to use the appropriate default subsystem depending on the command to be executed.
* Refactored CLI framework.Endi S. Dewata2013-10-011-23/+1
| | | | | The CLI framework has been modified to remove duplicate code in various CLI modules.
* Provide enrollment template per profileAde Lee2013-09-033-0/+112
| | | | | | | | | | | This adds an API call to get a template which can be used to generate an enrollment request which can be passed into the REST API. The template is simply a CertRequest with the relevant inputs for that profile added in. Per code review comments, have added the templates interface to CertRequestResource instead. This patch now includes /certrequests/profiles and /certrequests/profiles/{id}. In a subsequent patch, all calls in ProfileResource will be restricted to admins and agents.
* Added TPS connection resource.Endi S. Dewata2013-09-011-3/+3
| | | | | | | A skeleton for TPS connection services and the clients have been added. The service implementation will be added later. Ticket #652
* Refactored CLI framework.Endi S. Dewata2013-08-2310-96/+82
| | | | | | | | | | Some common CLI methods and attributes have been refactored into the CLI base class. A new SubsystemCLI class was added as the base for subsystem CLI modules. The MainCLI was modified such that it will only perform authentication if the subsystem is specified in the server URI. If no subsystem is specified in the URI, the authentication will be done by the subsystem CLI module. Ticket #701
* Refactored code to import CA certificate.Endi Sukma Dewata2013-04-252-10/+19
| | | | | | | | | | | | | The code to import CA certificate has been moved from PKIConnection into PKIClient to allow reuse. The Client classes have been modified such that it uses a shared PKIClient object instead of PKIConnection. The return codes in CertFindCLI has been fixed to be more consistent with other commands. Ticket #491
* Check the actual result of operations cert revoke/unrevoke.Abhishek Koneru2013-04-234-21/+51
| | | | | | | | Output the actual result of a revoke/unrevoke operation in CLI. Since the actual result of the operation can be different from the cert request status. Ticket #217
* Remove [OPTIONS] from usage in commands with no options.Abhishek Koneru2013-04-171-1/+1
| | | | | | | Remove the text [OPTIONS]... in user-show message, which misleads that there are other optional arguements. Ticket #543
* Added cert-request-show command.Endi Sukma Dewata2013-03-072-1/+63
| | | | | | | A new cert-request-show command has been added to allow EE users to check certificate request status. Ticket #511
* Added certificate status option for cert-find.Endi Sukma Dewata2013-02-121-0/+8
| | | | | | | The cert-find command has been modified to provide an option to search by certificate status. Ticket #501
* Additional output attributes for cert-find.Endi Sukma Dewata2013-02-072-10/+44
| | | | | | | | The cert-find command has been modified to include some additional attributes including certificate type and version, key algorithm name and length, validity dates, creation time and issuer. Ticket #498
* Fixed validity duration options for cert-find.Endi Sukma Dewata2013-02-071-6/+46
| | | | | | | | | The cert-find command has been fixed to show better error messages on missing validity duration options. The validity duration unit has been changed to take "day", "week", "month", or "year" and convert it into milliseconds. Ticket #291, #500
* Fixed date format for cert-find parameters.Endi Sukma Dewata2013-02-071-12/+18
| | | | | | | | All date parameters for cert-find have been modified to use the YYYY-MM-DD date format. Date parsing code in FilterBuilder has been modified not to ignore parsing errors. Ticket #497
* Merged cert-request-review/approve commands.Endi Sukma Dewata2013-02-043-96/+111
| | | | | | | The cert-request-approve has been merged into cert-request-review to ensure that these operations are executed in the same session. Ticket #474
* Ticket 419 - REST interface for cert requestsAde Lee2013-01-222-0/+145
|
* Added nonce validation for certificate revocation.Endi Sukma Dewata2013-01-152-6/+9
| | | | | | | The certificate REST service has been modified to validate nonce when revoking a certificate. Ticket #213
* Fixed issuedOn parameters for cert-find.Endi Sukma Dewata2012-11-301-7/+24
| | | | | | | | The CertSearchRequest has been modified to fix the infinite loop in getIssuedOnTo(). The CertFindCLI has been modified to accept dates with format YYYY-MM-DD instead of epoch time. Ticket #416
* Added PKIConnection.Endi Sukma Dewata2012-10-182-23/+11
| | | | | | | | | The code in PKIClient has been refactored into PKIConnection such that a single connection object can be used by several REST clients. The PKIClient will remain the base class for all REST clients. Ticket #357
* Moved REST CLI into pki-tools.Endi Sukma Dewata2012-08-299-0/+1283
The pki-client.jar has been split and merged into pki-certsrv.jar and pki-tools.jar. The REST client classes are now packaged in com.netscape.certsrv.<component> packages. The REST CLI classes are now packaged in com.netscape.cmstools.<component> packages. The "pki" script has been moved into pki-tools RPM package. Ticket #215