From 6448bfea3282f2f3a81520b3381d2a833babd491 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Thu, 31 Mar 2016 21:59:25 +0200
Subject: Fixed missing trust flags in certificate backup.

The ConfigurationUtils.backupKeys() has been modified to use
PKCS12Util to export the certificates and their trust flags into
a PKCS #12 file such that the file can be used for cloning.

The code to generate PFX object has been refactored from the
PKCS12Util.storeIntoFile() into a separate generatePFX() method.

The PKCS12Util.loadCertFromNSS() has been modified to provide
options to load a certificate from NSS database without the key
or the certificate chain. The CLIs have been modified to provide
the same options.

The PKCS12Util.getCertInfo() has modified to ignore missing
certificate attributes in the PKCS #12 file and generate a new
local ID.

https://fedorahosted.org/pki/ticket/2255
---
 base/java-tools/bin/pki | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'base/java-tools/bin')

diff --git a/base/java-tools/bin/pki b/base/java-tools/bin/pki
index e476cfcfe..88490f7da 100644
--- a/base/java-tools/bin/pki
+++ b/base/java-tools/bin/pki
@@ -138,6 +138,9 @@ class PKICLI(pki.cli.CLI):
         if self.token and self.token != 'internal':
             cmd.extend(['--token', self.token])
 
+        if self.verbose:
+            cmd.extend(['--verbose'])
+
         cmd.extend(args)
 
         if self.verbose:
-- 
cgit