From a25705a6fff3525b26a855d03f0c117bfadc1979 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Wed, 23 May 2012 14:14:38 -0500 Subject: Added cert revocation REST service. The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets. It provides an interface to manage certificate revocation. Ticket #161 --- .../netscape/cms/servlet/test/CARestClient.java | 2 +- .../src/com/netscape/cms/servlet/test/CATest.java | 12 ++++---- base/ca/shared/conf/CS.cfg.in | 32 ++++++++++++++++------ 3 files changed, 30 insertions(+), 16 deletions(-) (limited to 'base/ca') diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java index 67138e529..c62eef119 100644 --- a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java +++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java @@ -101,7 +101,7 @@ public class CARestClient extends CMSRestClient { return null; } - return certClient.retrieveCert(id); + return certClient.getCert(id); } diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java index 9afb1f386..807d014c4 100644 --- a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java +++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java @@ -496,8 +496,8 @@ public class CATest { log("No CertInfo: "); return; } - log("CertId: " + info.getCertId().toString()); - log("CertUrl: " + info.getCertURL()); + log("CertId: " + info.getID().toString()); + log("CertUrl: " + info.getLink().getHref()); } @@ -511,12 +511,12 @@ public class CATest { log("CertificateInfo: " + "\n"); log("-----------------"); - log("CertSerialNo: \n" + info.getSerialNo() + "\n"); - log("CertSubject: \n" + info.getSubjectName() + "\n"); - log("CertIssuer: \n" + info.getIssuerName() + "\n"); + log("CertSerialNo: \n" + info.getSerialNumber() + "\n"); + log("CertSubject: \n" + info.getSubjectDN() + "\n"); + log("CertIssuer: \n" + info.getIssuerDN() + "\n"); log("NotBefore: \n" + info.getNotBefore() + "\n"); log("NotAfter: \n" + info.getNotAfter() + "\n"); - log("CertBase64: \n" + info.getB64() + "\n"); + log("CertBase64: \n" + info.getEncoded() + "\n"); log("CertPKCS7Chain: \n" + info.getPkcs7CertChain() + "\n"); log("CertPrettyPrint: \n" + info.getPrettyPrint()); diff --git a/base/ca/shared/conf/CS.cfg.in b/base/ca/shared/conf/CS.cfg.in index 527de831d..78c28435a 100644 --- a/base/ca/shared/conf/CS.cfg.in +++ b/base/ca/shared/conf/CS.cfg.in @@ -1056,15 +1056,29 @@ profile.caEncUserCert.config=[PKI_INSTANCE_PATH]/profiles/ca/caEncUserCert.cfg profile.caEncECUserCert.class_id=caEnrollImpl profile.caEncECUserCert.config=[PKI_INSTANCE_PATH]/profiles/ca/caEncECUserCert.cfg registry.file=[PKI_INSTANCE_PATH]/conf/registry.cfg -profile.caProfileProcess.getClientCert=true -profile.caProfileProcess.authzMgr=BasicAclAuthz -profile.caProfileProcess.authorityId=ca -profile.caProfileProcess.authzResourceName=certServer.ca.request.profile -profile.caProfileProcess.authMgr=certUserDBAuthMgr -profile.caProfileSubmit.authorityId=ca -profile.caProfileSubmit.authzMgr=BasicAclAuthz -profile.caProfileSubmit.authzResourceName=certServer.ee.profile -profile.caProfileSubmit.getClientCert=false +processor.caProfileProcess.getClientCert=true +processor.caProfileProcess.authzMgr=BasicAclAuthz +processor.caProfileProcess.authorityId=ca +processor.caProfileProcess.authzResourceName=certServer.ca.request.profile +processor.caProfileProcess.authMgr=certUserDBAuthMgr +processor.caProfileSubmit.authorityId=ca +processor.caProfileSubmit.authzMgr=BasicAclAuthz +processor.caProfileSubmit.authzResourceName=certServer.ee.profile +processor.caProfileSubmit.getClientCert=false +processor.caDoRevoke.getClientCert=false +processor.caDoRevoke.authzMgr=BasicAclAuthz +processor.caDoRevoke.authorityId=ca +processor.caDoRevoke.authzResourceName=certServer.ee.certificates +processor.caDoRevoke-agent.getClientCert=true +processor.caDoRevoke-agent.authzMgr=BasicAclAuthz +processor.caDoRevoke-agent.authorityId=ca +processor.caDoRevoke-agent.authzResourceName=certServer.ca.certificates +processor.caDoRevoke-agent.authMgr=certUserDBAuthMgr +processor.caDoUnrevoke.getClientCert=true +processor.caDoUnrevoke.authzMgr=BasicAclAuthz +processor.caDoUnrevoke.authorityId=ca +processor.caDoUnrevoke.authzResourceName=certServer.ca.certificate +processor.caDoUnrevoke.authMgr=certUserDBAuthMgr request.assignee.enable=true selftests._000=## selftests._001=## Self Tests -- cgit