summaryrefslogtreecommitdiffstats
path: root/base/java-tools/src/com
Commit message (Collapse)AuthorAgeFilesLines
* Renamed CryptoUtil.setClientCiphers().Endi S. Dewata2017-03-192-2/+2
| | | | | The setClientCiphers() in CryptoUtil has been renamed to setDefaultSSLCiphers() for clarity.
* Added configuration parameters for SSL version ranges.Endi S. Dewata2017-03-191-2/+18
| | | | | The hard-coded SSL version ranges in PKI CLI have been converted into configurable parameters in the pki.conf.
* Fixed PKIClient initialization in PKI CLI.Endi S. Dewata2017-03-193-2/+13
| | | | | | | | The PKI CLI has been modified such that it initializes the PKIClient (and retrieves the access banner) only if the CLI needs to access the PKI server. https://pagure.io/dogtagpki/issue/2612
* Moved default SSL configuration out of PKIConnection.Endi S. Dewata2017-03-171-0/+5
| | | | | | | To prevent conflicts, the code that configures the default SSL version ranges and ciphers for all SSL sockets created afterwards has been moved out of PKIConnection into the main program (i.e. PKI CLI).
* Default NSS database for PKI CLI.Endi S. Dewata2017-03-171-4/+24
| | | | | | The PKI CLI has been modified to create a default NSS database without a password if there is no existing database at the expected location.
* Removed duplicate code to configure SSL version ranges.Endi S. Dewata2017-03-171-19/+5
| | | | | The duplicate code for configuring default SSL version ranges has been merged into reusable methods in CryptoUtil.
* Troubleshooting improvement for ClientCertValidateCLI.Endi S. Dewata2017-03-151-3/+6
| | | | | The ClientCertValidateCLI has been modified to display the NSS error code and error message for invalid certificates.
* Refactor crypto codeAde Lee2017-03-141-7/+7
| | | | | | Move some of the crypto functions in EncryptionUnit to CryptoUtil. Change-Id: Iee391392fb88a87f6af3b450b69508fd52729a62
* Added access banner for PKI CLI.Endi S. Dewata2017-02-242-0/+83
| | | | | | | | | The PKI CLI has been modified to retrieve access banner from the server and ask for user confirmation at the beginning of the program. An --ignore-banner option was added to allow bypassing the banner for automation. https://fedorahosted.org/pki/ticket/2582
* Cleaned up error handling in TPS CLIs.Endi S. Dewata2017-02-0829-442/+90
| | | | | The TPS CLIs have been modified to use Exceptions instead of System.exit() such that errors can be handled consistently.
* Cleaned up error handling in system, logging, and selftest CLIs.Endi S. Dewata2017-02-0816-228/+47
| | | | | | The system, logging, and selftest CLIs have been modified to use Exceptions instead of System.exit() such that errors can be handled consistently.
* Cleaned up error handling in feature and authority CLIs.Endi S. Dewata2017-02-049-177/+57
| | | | | | The feature and authority CLIs have been modified to use Exceptions instead of System.exit() such that errors can be handled consistently.
* Cleaned up error handling in client and PKCS12 CLIs.Endi S. Dewata2017-02-0217-330/+80
| | | | | | The client and PKCS12 CLIs have been modified to use Exceptions instead of System.exit() such that errors can be handled consistently.
* Added --serial param to pki ca-cert-request-submit.Endi S. Dewata2017-02-021-0/+23
| | | | | A new parameter has been added to set the serial number field in CertEnrollmentRequest and in profile input if available.
* Added --renewal param to pki ca-cert-request-submit.Endi S. Dewata2017-02-021-0/+9
| | | | | A new parameter has been added to set the renewal field in CertEnrollmentRequest.
* Refactored restricted command list in PKI CLI.Endi S. Dewata2017-01-301-5/+15
| | | | | The names of restricted commands have been moved into a list for clarity.
* Cleaned up error handling in key CLIs.Endi S. Dewata2017-01-3012-304/+70
| | | | | The key CLIs have been modified to use Exceptions instead of System.exit() such that errors can be handled consistently.
* Cleaned up error handling in cert and profile CLIs.Endi S. Dewata2017-01-3021-395/+107
| | | | | | The cert and profile CLIs have been modified to use Exceptions instead of System.exit() such that errors can be handled consistently.
* Replaced CryptoManager.getTokenByName().Endi S. Dewata2017-01-2710-81/+27
| | | | | | | | | Direct invocations of CryptoManager.getTokenByName() have been replaced with CryptoUtil.getCryptoToken() and getKeyStorageToken() to ensure that internal token names are handled consistently both in normal mode and FIPS mode. https://fedorahosted.org/pki/ticket/2556
* Fixed inconsistent internal token detection.Endi S. Dewata2017-01-266-25/+25
| | | | | | | | The codes that detect internal token name have been modified to use CryptoUtil.isInternalToken() such that the comparison can be done consistently both in normal mode and FIPS mode. https://fedorahosted.org/pki/ticket/2556
* Replaced internal token short name literals.Endi S. Dewata2017-01-243-14/+18
| | | | | | | The internal token short name literals have been replaced with CryptoUtil.INTERNAL_TOKEN_NAME. https://fedorahosted.org/pki/ticket/2556
* Replaced internal token full name literals.Endi S. Dewata2017-01-241-1/+1
| | | | | | | The internal token full name literals have been replaced with CryptoUtil.INTERNAL_TOKEN_FULL_NAME. https://fedorahosted.org/pki/ticket/2556
* Refactored HttpClient.PR_INTERNAL_TOKEN_NAME.Endi S. Dewata2017-01-211-3/+1
| | | | | | | The HttpClient.PR_INTERNAL_TOKEN_NAME has been replaced with CryptoUtil.INTERNAL_TOKEN_NAME since they are identical. https://fedorahosted.org/pki/ticket/2556
* Refactored CMCRevoke.PR_INTERNAL_TOKEN_NAME.Endi S. Dewata2017-01-211-3/+3
| | | | | | | The CMCRevoke.PR_INTERNAL_TOKEN_NAME has been replaced with CryptoUtil.INTERNAL_TOKEN_NAME since they are identical. https://fedorahosted.org/pki/ticket/2556
* Refactored CMCRequest.PR_INTERNAL_TOKEN_NAME.Endi S. Dewata2017-01-211-4/+3
| | | | | | | The CMCRequest.PR_INTERNAL_TOKEN_NAME has been replaced with CryptoUtil.INTERNAL_TOKEN_NAME since they are identical. https://fedorahosted.org/pki/ticket/2556
* Refactored KRATool.INTERNAL_TOKEN.Endi S. Dewata2017-01-211-7/+5
| | | | | | | The KRATool.INTERNAL_TOKEN has been replaced with CryptoUtil.INTERNAL_TOKEN_FULL_NAME since they are identical. https://fedorahosted.org/pki/ticket/2556
* Cleaned up error handling in user and group CLIs.Endi S. Dewata2017-01-1821-325/+71
| | | | | | The user and group CLIs have been modified to use Exception instead of System.exit() such that errors can be handled consistently.
* Cleaned up error handling in PKI CLI.Endi S. Dewata2017-01-183-72/+48
| | | | | The MainCLI has been modified to use Exceptions instead of System.exit() such that errors can be handled consistently.
* Revert "Replaced deprecated DefaultHttpClient."Endi S. Dewata2016-12-021-3/+3
| | | | | | | Commit db58e6071f6bb57de006e6499c0a0c6a8c8e67bf has been reverted due to build issue on RHEL/CentOS. https://fedorahosted.org/pki/ticket/2531
* Revert "Replaced deprecated ProxyParser."Endi S. Dewata2016-12-023-6/+6
| | | | | | | Commit f9ddb2e875355e882b14529979f6c9ae03cf720e has been reverted due to build issue on RHEL/CentOS. https://fedorahosted.org/pki/ticket/2535
* Add field to KeyData to allow request to be returned when non-synchronousAde Lee2016-11-101-6/+12
| | | | | If a retrieval is non-sychronous, we create a non-ephemeral recovery request and return this Request ID to the client.
* Add option to pass existing request to retrieveKeyCLIAde Lee2016-11-101-3/+23
| | | | | | Continuation of the previous patch. These are client changes to allow the client to pass through an approved recovery request to retrieveKey()
* Replaced deprecated ProxyParser.Endi S. Dewata2016-11-043-6/+6
| | | | | | The deprecated ProxyParser has been replaced with DefaultParser. https://fedorahosted.org/pki/ticket/2535
* Replaced deprecated DefaultHttpClient.Endi S. Dewata2016-11-041-5/+5
| | | | | | | The deprecated DefaultHttpClient in SubsystemClient, CRMFPopClient, and OCSPProcessor has been replaced with HttpClientBuilder. https://fedorahosted.org/pki/ticket/2531
* Fix CertRequestInfo URLsAde Lee2016-09-021-2/+0
| | | | | | | | | | The URLs were generated by a UriBuilder that referred to the resource's annotated path. This top-level path changed though, even if the underlying paths did not. Replace this with a reference to the getX methods instead. Also fixed a few eclipse flagged warnings (unused imports etc). Ticket 2447
* pki-tools HEADER/FOOTER changesMatthew Harmsen2016-08-195-18/+29
| | | | * PKI TRAC Ticket #2436 - Dogtag 10.3.6: Miscellaneous Enhancements
* Fixed NumberFormatException in tps-cert-findGeetika Kapoor2016-08-051-4/+16
| | | | Signed-off-by: Geetika Kapoor <gkapoor@redhat.com>
* Fix client-cert-import to set provided trust bitsAde Lee2016-07-291-4/+12
| | | | Ticket 2412
* Fixed cert usage list in pki client-cert-validate.Endi S. Dewata2016-07-151-1/+6
| | | | | | | | The pki client-cert-validate has been modified to add the missing EmailRecipient and to list the supported cert usages. https://fedorahosted.org/pki/ticket/2376 https://fedorahosted.org/pki/ticket/2399
* Added validation for pki client-cert-request sensitive parameter.Endi S. Dewata2016-07-061-0/+3
| | | | | | | The pki client-cert-request CLI has been modified to validate the boolean sensitive parameter. https://fedorahosted.org/pki/ticket/2383
* Added validation for pki client-cert-request extractable parameter.Endi S. Dewata2016-07-061-0/+3
| | | | | | | The pki client-cert-request CLI has been modified to validate the boolean extractable parameter. https://fedorahosted.org/pki/ticket/2383
* Fixed CLI error message on connection problemsEndi S. Dewata2016-07-061-1/+12
| | | | | | | The CLI has been modified to display the actual error message instead of generic ProcessingException. https://fedorahosted.org/pki/ticket/2377
* Fixed KRA cloning issue.Endi S. Dewata2016-06-291-2/+4
| | | | | | | | | | | | | The pki pkcs12-import CLI has been modified not to import certificates that already exist in the NSS database unless specifically requested with the --overwrite parameter. This will avoid changing the trust flags of the CA signing certificate during KRA cloning. The some other classes have been modified to provide better debugging information. https://fedorahosted.org/pki/ticket/2374
* Added debugging log in ClientCertImportCLI.Endi S. Dewata2016-06-161-0/+5
|
* Added pki pkcs12-cert-mod command.Endi S. Dewata2016-06-162-0/+175
| | | | | A new CLI has been added to update the certificate trust flags in PKCS #12 file which will be useful to import OpenSSL certificates.
* Add man page and clarify CLI for kra-connectorAde Lee2016-06-133-17/+74
|
* Add revocation information to pki CLI output.Ade Lee2016-05-241-0/+21
| | | | | | | The date on which the certificate is revoked and the agent that revoked it is displayed now in cert-find and cert-show output. Ticket 1055
* Allow cert-find using revocation reasonsAde Lee2016-05-241-2/+21
| | | | | | | | | The REST API expects the integer revocation code to be passed in a certificate search. We have modified the client to allow the user to provide either a revocation code or a revocation reason as a search parameter. Ticket 1053
* Lightweight CAs: add issuer DN and serial to AuthorityDataFraser Tweedale2016-05-134-4/+16
| | | | | | | | Add issuer DN and serial number to the AuthorityData object, as read-only attributes. Values are displayed in the CLI, when present in the response data. Fixes: https://fedorahosted.org/pki/ticket/1618
* Add ca-authority-key-export commandFraser Tweedale2016-05-032-0/+110
| | | | | | | | | Add the 'pki ca-authority-key-export' CLI command for exporting a PKIArchiveOptions object containing a nominated target key, wrapped by a nominated wrapping key. This command is to be used by Custodia to export key data for transmission to a requesting clone. Part of: https://fedorahosted.org/pki/ticket/1625
generated by cgit (git 2.34.1) at 2026-03-16 22:16:54 +0000