From 8d5eb937f99fd18398401f3f744eb85775293e23 Mon Sep 17 00:00:00 2001 From: Matthew Harmsen Date: Thu, 6 Dec 2012 14:23:21 -0800 Subject: Implemented ability to utilize an external CA * TRAC Ticket #231 - Dogtag 10: Update PKI Deployment to handle external CA --- base/deploy/src/scriptlets/pkihelper.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'base/deploy/src/scriptlets/pkihelper.py') diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py index 2d7b75938..5d89a1201 100644 --- a/base/deploy/src/scriptlets/pkihelper.py +++ b/base/deploy/src/scriptlets/pkihelper.py @@ -685,7 +685,8 @@ class configuration_file: master['pki_user_deployment_cfg'], extra=config.PKI_INDENTATION_LEVEL_2) sys.exit(1) - if not config.str2bool(master['pki_step_two']): + if not config.str2bool(master['pki_external_step_two']): + # External CA (Step 1) if not master.has_key('pki_external_csr_path') or\ not len(master['pki_external_csr_path']): config.pki_log.error( @@ -694,13 +695,15 @@ class configuration_file: master['pki_user_deployment_cfg'], extra=config.PKI_INDENTATION_LEVEL_2) sys.exit(1) - elif not os.path.isfile(master['pki_external_csr_path']): + elif os.path.exists(master['pki_external_csr_path']) and\ + not os.path.isfile(master['pki_external_csr_path']): config.pki_log.error( log.PKI_FILE_ALREADY_EXISTS_NOT_A_FILE_1, master['pki_external_csr_path'], extra=config.PKI_INDENTATION_LEVEL_2) sys.exit(1) else: + # External CA (Step 2) if not master.has_key('pki_external_ca_cert_chain_path') or\ not len(master['pki_external_ca_cert_chain_path']): config.pki_log.error( 
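Review bot: The relaxed Step 1 test on `master['pki_external_csr_path']` now accepts a path that does not exist yet, or one where `os.path.isfile` is true, and `os.path.isfile` follows symbolic links, so a link pointing at a regular file passes validation. The CSR write itself is outside this hunk, so the following is inferred: if deployment runs with elevated privileges and the path lies in a directory other users can write to, the write could land on an unintended file or silently overwrite an existing one. Consider rejecting links in the same branch, e.g. `elif os.path.islink(master['pki_external_csr_path']) or (os.path.exists(master['pki_external_csr_path']) and not os.path.isfile(master['pki_external_csr_path'])):`, and creating the file with exclusive-create semantics at the point where it is written. A short comment that the CSR path is an output and may legitimately be absent in Step 1 would also explain why the check changed. The enclosing method starts and ends outside the hunk.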
@@ -709,7 +712,9 @@ class configuration_file: master['pki_user_deployment_cfg'], extra=config.PKI_INDENTATION_LEVEL_2) sys.exit(1) - elif not os.path.isfile( + elif os.path.exists( + master['pki_external_ca_cert_chain_path']) and\ + not os.path.isfile( master['pki_external_ca_cert_chain_path']): config.pki_log.error( log.PKI_FILE_ALREADY_EXISTS_NOT_A_FILE_1, @@ -724,7 +729,8 @@ class configuration_file: master['pki_user_deployment_cfg'], extra=config.PKI_INDENTATION_LEVEL_2) sys.exit(1) - elif not os.path.isfile( + elif os.path.exists(master['pki_external_ca_cert_path']) and\ + not os.path.isfile( master['pki_external_ca_cert_path']): config.pki_log.error( log.PKI_FILE_ALREADY_EXISTS_NOT_A_FILE_1, -- cgit
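Review bot: In the Step 2 branch, the new `os.path.exists(...) and not os.path.isfile(...)` test lets a missing `pki_external_ca_cert_chain_path` pass validation, and the hunk at -724 does the same for `pki_external_ca_cert_path`. Unlike the Step 1 CSR, these two look like inputs that Step 2 has to read, so a mistyped or absent path would no longer be caught here and would presumably fail later, after deployment has begun. Unless the files are produced by a step not shown, keep the stricter form for both, e.g. `elif not os.path.isfile(master['pki_external_ca_cert_path']):`. The error reported there should say the file is missing, because `log.PKI_FILE_ALREADY_EXISTS_NOT_A_FILE_1` reads as if the path exists. Both checks sit inside a method whose body continues outside these hunks.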