From 8b85ace2a2761c8451a11b4df8f142bd291cd6d4 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Fri, 17 Mar 2017 07:55:11 +0100 Subject: Default NSS database for PKI CLI. The PKI CLI has been modified to create a default NSS database without a password if there is no existing database at the expected location. --- .../src/com/netscape/cmstools/cli/MainCLI.java | 28 ++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) (limited to 'base/java-tools/src') diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java index 0a9ddf0a6..75904edc6 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java @@ -467,12 +467,32 @@ public class MainCLI extends CLI { public void init() throws Exception { - // Main program should initialize client security database - if (certDatabase.exists()) { - if (verbose) System.out.println("Initializing client security database"); - CryptoManager.initialize(certDatabase.getAbsolutePath()); + // Create security database if it doesn't exist + if (!certDatabase.exists()) { + + if (verbose) System.out.println("Creating security database"); + + certDatabase.mkdirs(); + + String[] commands = { + "/usr/bin/certutil", "-N", + "-d", certDatabase.getAbsolutePath(), + "--empty-password" + }; + + Runtime rt = Runtime.getRuntime(); + Process p = rt.exec(commands); + + int rc = p.waitFor(); + if (rc != 0) { + throw new Exception("Unable to create security database: " + certDatabase.getAbsolutePath() + " (rc: " + rc + ")"); + } } + // Main program should initialize security database + if (verbose) System.out.println("Initializing security database"); + CryptoManager.initialize(certDatabase.getAbsolutePath()); + // If password is specified, use password to access security token if (config.getCertPassword() != null) { if (verbose) System.out.println("Logging into security token"); -- cgit