summaryrefslogtreecommitdiffstats
path: root/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
Commit message (Collapse)AuthorAgeFilesLines
* Fixed exception handling in CertUtil.Endi S. Dewata2016-04-121-9/+16
| | | | | | | The CertUtil.createLocalCert() has been modified to re-throw the exception instead of ignoring it. https://fedorahosted.org/pki/ticket/1654
* Replaced legacy HttpClient.Endi S. Dewata2015-10-221-57/+34
| | | | | | | | | | | | | The ConfigurationUtils and CertUtil have been modified to use PKIConnection which uses Apache HttpClient instead of the legacy custom HttpClient. The POST request content is now created using MultivaluedMap. The PKIConnection has been modified to provide a get() method to send an HTTP GET request. The post() method was modified to accept a path parameter. https://fedorahosted.org/pki/ticket/342
* Removed unused WizardServlet.Endi S. Dewata2015-10-221-15/+11
| | | | | | | | | | The unused configuration wizard servlet has been removed to simplify refactoring other codes. The remaining references in CertUtil and ConfigurationUtils have been removed as well. https://fedorahosted.org/pki/ticket/1120
* Lightweight CAs: initial supportFraser Tweedale2015-09-261-9/+29
| | | | | | | | | | | | | This commit adds initial support for "lightweight CAs" - CAs that inhabit an existing CA instance and share the request queue and certificate database of the "top-level CA". We initially support only sub-CAs under the top-level CA - either direct sub-CAs or nested. The general design will support hosting unrelated CAs but creation or import of unrelated CAs is not yet implemented. Part of: https://fedorahosted.org/pki/ticket/1213
* Ticket 1316 Allow adding SAN to server cert during the install processChristina Fu2015-04-211-5/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Usage: * under /usr/share/pki/ca/conf, you will find a new file called serverCert.profile.exampleWithSANpattern * copy existing serverCert.profile away and replace with serverCert.profile.exampleWithSANpattern * edit serverCert.profile.exampleWithSANpattern - follow the instruction right above 8.default. - save and quit * cd /usr/share/pki/ca/profiles/ca , edit caInternalAuthServerCert.cfg - follow the instruction right above policyset.serverCertSet.9 - save and quit * save away and edit the ca config file for pkispawn: (note: you can add multiple SAN's delimited by ',' for pki_san_server_cert - add the following lines, e.g. pki_san_inject=True pki_san_server_cert=host1.Example.com - do the same pkispawn cfg changes for kra or any other instances that you plan on creating * create your instance(s) check the sl sever cert, it should contain something like the following: Identifier: Subject Alternative Name - 2.5.29.17 Critical: no Value: DNSName: host1.Example.com
* Bug1151147 issuerDN encoding correctionChristina Fu2014-10-231-2/+14
|
* Fixed return code for user and group services.Endi S. Dewata2013-11-071-13/+11
| | | | | | | | | The user and group services have been modified to return consistent HTTP return codes under various situations. The UGSubsystem has been modified to capture any LDAP exceptions and throw the proper PKIException subclass that represents the appropriate HTTP error code for the situation. Ticket #669, #749
* Fixed logic for setting admin cert signing algorithmAde Lee2013-10-311-44/+79
| | | | | Should now be SHA256 by default. Bugzilla BZ 1024445
* Reorganized server packages.Endi S. Dewata2013-10-251-0/+670
The tomcat, cms, and cmscore packages have been moved from base/common into separate folders in base/server so that they can be built separately.
generated by cgit (git 2.34.1) at 2024-06-11 05:06:14 +0000