From 8168b0d7d8b6a2d4929d8470ff9d2845d76e724d Mon Sep 17 00:00:00 2001 From: Matthew Harmsen Date: Tue, 29 Apr 2014 19:59:32 -0700 Subject: Attempt to clarify pki-cert-request-review command * PKI TRAC Ticket #585 - 'pki cert-request-review' --output creates a file only when --action attribute is not present --- base/java-tools/man/man1/pki-cert.1 | 8 ++++++-- .../com/netscape/cmstools/cert/CertRequestReviewCLI.java | 15 +++++++++++++-- 2 files changed, 19 insertions(+), 4 deletions(-) (limited to 'base/java-tools') diff --git a/base/java-tools/man/man1/pki-cert.1 b/base/java-tools/man/man1/pki-cert.1 index bde8bd2b2..88a470cd2 100644 --- a/base/java-tools/man/man1/pki-cert.1 +++ b/base/java-tools/man/man1/pki-cert.1 @@ -144,11 +144,15 @@ Then, an agent needs to review the request by running the following command: .B pki ca-cert-request-review --file -The certificate request, as well as the defaults and constraints of the enrollment profile, will be stored in the output file provided by the --file option. The agent can examine the file and override any values if necessary. To process the request, enter the appropriate action when prompted: +The --file and --action options are mutually exclusive (i. e. - only one or the other may be specified during command invocation). + +If the --file option is specified, the certificate request, as well as the defaults and constraints of the enrollment profile, will be retrieved and stored in the output file provided by the --file option. The agent can examine the file and override any values if necessary. To process the request, enter the appropriate action when prompted: .B Action (approve/reject/cancel/update/validate/assign/unassign): -Alternatively, the agent can process the request in a single step with the following command: +The request in the file will be read in, and the specified action will be applied against it. + +Alternatively, when no changes to the request are necessary, the agent can process the request in a single step using the --action option with the following command: .B pki ca-cert-request-review --action diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java index 4a8221bcd..4b3daf8d3 100644 --- a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java @@ -46,7 +46,9 @@ public class CertRequestReviewCLI extends CLI { option.setArgName("action"); options.addOption(option); - option = new Option(null, "file", true, "File to store the certificate request"); + option = new Option(null, "file", true, + "File to store the retrieved certificate request.\n" + + "Action will be prompted for to run against request read in from file."); option.setArgName("filename"); options.addOption(option); } @@ -86,6 +88,15 @@ public class CertRequestReviewCLI extends CLI { System.exit(-1); } + // Since "--action " and "--file " are mutually + // exclusive, check to make certain that only one has been set + if (cmd.hasOption("action") && cmd.hasOption("file")) { + System.err.println("Error: The '--action ' and '--file ' " + + "options are mutually exclusive!"); + printHelp(); + System.exit(-1); + } + String action = cmd.getOptionValue("action"); String filename = null; @@ -93,7 +104,7 @@ public class CertRequestReviewCLI extends CLI { if (cmd.hasOption("file")) { filename = cmd.getOptionValue("file"); } else { - System.err.println("Error: Missing output file name."); + System.err.println("Error: Missing '--action ' or '--file ' option."); printHelp(); System.exit(-1); } -- cgit