From 4fc145d2144d94e67188509d1b284e4c5eb95905 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Thu, 25 Apr 2013 17:06:04 -0400 Subject: Added method to download CA cert chain from admin interface. A new method has been added to the PKIClient to download the CA certificate chain from an alternative location including the admin interface. Ticket #491 --- .../cmstools/client/ClientImportCertCLI.java | 28 ++++++++++++++-------- 1 file changed, 18 insertions(+), 10 deletions(-) (limited to 'base/java-tools/src/com') diff --git a/base/java-tools/src/com/netscape/cmstools/client/ClientImportCertCLI.java b/base/java-tools/src/com/netscape/cmstools/client/ClientImportCertCLI.java index ed7309b1a..e89f954bb 100644 --- a/base/java-tools/src/com/netscape/cmstools/client/ClientImportCertCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/client/ClientImportCertCLI.java @@ -19,7 +19,6 @@ package com.netscape.cmstools.client; import java.io.File; -import java.net.URI; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; @@ -74,31 +73,30 @@ public class ClientImportCertCLI extends CLI { String certPath = cmd.getOptionValue("cert"); String caCertPath = cmd.getOptionValue("ca-cert"); - boolean importCACert = cmd.hasOption("ca-server"); + boolean importFromCAServer = cmd.hasOption("ca-server"); + boolean isCACert = false; + + // load the certificate if (certPath != null) { if (verbose) System.out.println("Loading certificate from " + certPath + "."); bytes = FileUtils.readFileToByteArray(new File(certPath)); - if (verbose) System.out.println("Importing certificate."); - cert = parent.parent.client.importCertPackage(bytes, parent.parent.client.config.getCertNickname()); } else if (caCertPath != null) { if (verbose) System.out.println("Loading CA certificate from " + caCertPath + "."); bytes = FileUtils.readFileToByteArray(new File(caCertPath)); - if (verbose) System.out.println("Importing CA certificate."); - cert = parent.parent.client.importCACertPackage(bytes); + isCACert = true; - } else if (importCACert) { + } else if (importFromCAServer) { ClientConfig config = parent.parent.config; String caServerURI = "http://" + config.getServerURI().getHost() + ":8080/ca"; if (verbose) System.out.println("Downloading CA certificate from " + caServerURI + "."); - bytes = parent.parent.client.downloadCACertChain(new URI(caServerURI)); + bytes = parent.parent.client.downloadCACertChain(caServerURI); - if (verbose) System.out.println("Importing CA certificate."); - cert = parent.parent.client.importCACertPackage(bytes); + isCACert = true; } else { System.err.println("Error: Missing certificate to import"); @@ -106,6 +104,16 @@ public class ClientImportCertCLI extends CLI { System.exit(1); } + // import the certificate + if (isCACert) { + if (verbose) System.out.println("Importing CA certificate."); + cert = parent.parent.client.importCACertPackage(bytes); + + } else { + if (verbose) System.out.println("Importing certificate."); + cert = parent.parent.client.importCertPackage(bytes, parent.parent.client.config.getCertNickname()); + } + MainCLI.printMessage("Imported certificate \"" + cert.getNickname() + "\""); ClientCLI.printCertInfo(cert); } -- cgit