// --- BEGIN COPYRIGHT BLOCK --- // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation; version 2 of the License. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License along // with this program; if not, write to the Free Software Foundation, Inc., // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // // (C) 2007 Red Hat, Inc. // All rights reserved. // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; import org.apache.velocity.context.Context; import javax.servlet.http.*; import javax.servlet.*; import java.io.*; import java.util.*; import java.net.*; import com.netscape.certsrv.apps.*; import com.netscape.certsrv.property.*; import com.netscape.certsrv.base.*; import com.netscape.cms.servlet.wizard.*; import com.netscape.cms.servlet.base.*; import org.mozilla.jss.*; import org.mozilla.jss.ssl.*; import org.mozilla.jss.crypto.*; import org.mozilla.jss.util.Base64OutputStream; import org.mozilla.jss.pkcs11.*; import netscape.security.x509.*; import com.netscape.cmsutil.xml.*; import com.netscape.cmsutil.http.*; import org.w3c.dom.*; import org.xml.sax.*; import java.security.cert.*; import java.security.*; import netscape.ldap.*; import com.netscape.cmsutil.crypto.*; import com.netscape.cms.servlet.wizard.*; public class WizardPanelBase implements IWizardPanel { public static String PCERT_PREFIX = "preop.cert."; public static String SUCCESS = "0"; public static String FAILURE = "1"; public static String AUTH_FAILURE = "2"; /** * Definition for static variables in CS.cfg */ public static final String CONF_CA_CERT = "ca.signing.cert"; public static final 
String CONF_CA_CERTREQ = "ca.signing.certreq"; public static final String CONF_CA_CERTNICKNAME = "ca.signing.certnickname"; public static final String PRE_CONF_ADMIN_NAME = "preop.admin.name"; public static final String PRE_CONF_AGENT_GROUP = "preop.admin.group"; /** * Definition for "preop" static variables in CS.cfg * -- "preop" config parameters should not assumed to exist after configuation */ public static final String PRE_CONF_CA_TOKEN = "preop.module.token"; public static final String PRE_CA_TYPE = "preop.ca.type"; public static final String PRE_OTHER_CA = "otherca"; public static final String PRE_ROOT_CA = "rootca"; private String mName = null; private int mPanelNo = 0; private String mId = null; /** * Initializes this panel. */ public void init(ServletConfig config, int panelno) throws ServletException { mPanelNo = panelno; } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) throws ServletException { mPanelNo = panelno; } /** * Cleans up this panel so that isPanelDone() will return false. */ public void cleanUp() throws IOException { } public String getName() { return mName; } public int getPanelNo() { return mPanelNo; } public void setPanelNo(int num) { mPanelNo = num; } public void setName(String name) { mName = name; } public void setId(String id) { mId = id; } public String getId() { return mId; } public PropertySet getUsage() { PropertySet set = null; return set; } /** * Should we skip this panel? */ public boolean shouldSkip() { return false; } /** * Is this panel done */ public boolean isPanelDone() { return false; } /** * Show "Apply" button on frame? */ public boolean showApplyButton() { return false; } /** * Is this a subPanel? */ public boolean isSubPanel() { return false; } public boolean isLoopbackPanel() { return false; } /** * has subPanels? */ public boolean hasSubPanel() { return false; } /** * Display the panel. 
*/ public void display(HttpServletRequest request, HttpServletResponse response, Context context) {} /** * Checks if the given parameters are valid. */ public void validate(HttpServletRequest request, HttpServletResponse response, Context context) throws IOException { } /** * Commit parameter changes */ public void update(HttpServletRequest request, HttpServletResponse response, Context context) throws IOException {} /** * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, HttpServletResponse response, Context context) {} /** * Retrieves locale based on the request. */ public Locale getLocale(HttpServletRequest req) { Locale locale = null; String lang = req.getHeader("accept-language"); if (lang == null) { // use server locale locale = Locale.getDefault(); } else { locale = new Locale(UserInfo.getUserLanguage(lang), UserInfo.getUserCountry(lang)); } return locale; } public String getNickname(IConfigStore config, String certTag) { String instanceID = ""; try { instanceID = config.getString("instanceId", ""); } catch (Exception e) {} String nickname = certTag + "Cert cert-" + instanceID; String preferredNickname = null; try { preferredNickname = config.getString( PCERT_PREFIX + certTag + ".nickname", null); } catch (Exception e) {} if (preferredNickname != null) { nickname = preferredNickname; } return nickname; } public void updateDomainXML(String hostname, int port, boolean https, String servlet, String uri) throws IOException { CMS.debug("WizardPanelBase updateDomainXML start hostname=" + hostname + " port=" + port); IConfigStore cs = CMS.getConfigStore(); String nickname = ""; String tokenname = ""; try { nickname = cs.getString("preop.cert.subsystem.nickname", ""); tokenname = cs.getString("preop.module.token", ""); } catch (Exception e) {} if (!tokenname.equals("Internal Key Storage Token") && !tokenname.equals("internal")) { nickname = tokenname+":"+nickname; } CMS.debug("WizardPanelBase 
updateDomainXML nickname=" + nickname); CMS.debug("WizardPanelBase: start sending updateDomainXML request"); String c = getHttpResponse(hostname, port, https, servlet, uri, nickname); CMS.debug("WizardPanelBase: done sending updateDomainXML request"); if (c != null) { try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); XMLObject obj = null; try { obj = new XMLObject(bis); } catch (Exception e) { CMS.debug( "WizardPanelBase::updateDomainXML() - " + "Exception="+e.toString() ); throw new IOException( e.toString() ); } String status = obj.getValue("Status"); CMS.debug("WizardPanelBase updateDomainXML: status=" + status); if (status.equals(SUCCESS)) { return; } else { String error = obj.getValue("Error"); throw new IOException(error); } } catch (IOException e) { CMS.debug("WizardPanelBase: updateDomainXML: " + e.toString()); throw e; } catch (Exception e) { CMS.debug("WizardPanelBase: updateDomainXML: " + e.toString()); throw new IOException(e.toString()); } } } public int getSubsystemCount(String hostname, int port, boolean https, String type) throws IOException { CMS.debug("WizardPanelBase getSubsystemCount start"); String c = getDomainXML(hostname, port, true); if (c != null) { try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); XMLObject obj = new XMLObject(bis); String containerName = type+"List"; Node n = obj.getContainer(containerName); NodeList nlist = n.getChildNodes(); String countS = ""; for (int i=0; i 0) v = n2.item(0).getNodeValue(); break; } } if (name.equals("internaldb.ldapconn.host")) { config.putString("preop.internaldb.master.hostname", v); } else if (name.equals("internaldb.ldapconn.port")) { config.putString("preop.internaldb.master.port", v); } else if (name.equals("internaldb.ldapauth.bindDN")) { config.putString("preop.internaldb.master.binddn", v); } else if (name.equals("internaldb.basedn")) { config.putString(name, v); config.putString("preop.internaldb.master.basedn", v); } else if 
// NOTE(review): `name` and `v` are assigned earlier in this method, outside the readable part
// of this listing; they appear to be taken from the peer's XML reply. The first branch stores
// the master's internal-database bind password under "preop.internaldb.master.bindpwd".
// Confirm that entry is removed once configuration finishes and never reaches the debug log.
(name.equals("internaldb.ldapauth.password")) {
                            config.putString("preop.internaldb.master.bindpwd", v);
                        } else if (name.equals("instanceId")) {
                            config.putString("preop.master.instanceId", v);
                        } else if (name.equals("preop.cert.signing.nickname")) {
                            config.putString("preop.master.signing.nickname", v);
                            config.putString(name, v);
                        } else if (name.equals("preop.cert.ocsp_signing.nickname")) {
                            config.putString("preop.master.ocsp_signing.nickname", v);
                            config.putString(name, v);
                        } else if (name.equals("preop.cert.subsystem.nickname")) {
                            config.putString("preop.master.subsystem.nickname", v);
                            config.putString(name, v);
                        } else if (name.equals("preop.cert.transport.nickname")) {
                            config.putString("preop.master.transport.nickname", v);
                            config.putString("kra.transportUnit.nickName", v);
                            config.putString(name, v);
                        } else if (name.equals("preop.cert.storage.nickname")) {
                            config.putString("preop.master.storage.nickname", v);
                            config.putString("kra.storageUnit.nickName", v);
                            config.putString(name, v);
                        } else {
                            // Every other name is stored under that same name.
                            // NOTE(review): if the name really comes from the reply, an
                            // allow-list of expected names would stop a peer from setting
                            // arbitrary local config entries - confirm against the caller.
                            config.putString(name, v);
                        }
                    }

                    return true;
                } else if (status.equals(AUTH_FAILURE)) {
                    // reloginSecurityDomain is defined elsewhere in the class; by its name
                    // it restarts the security-domain login. Nothing was updated.
                    reloginSecurityDomain(response);
                    return false;
                } else {
                    String error = parser.getValue("Error");

                    throw new IOException(error);
                }
            } catch (IOException e) {
                CMS.debug("WizardPanelBase: updateConfigEntries: " + e.toString());
                throw e;
            } catch (Exception e) {
                CMS.debug("WizardPanelBase: updateConfigEntries: " + e.toString());
                throw new IOException(e.toString());
            }
        }

        return false;
    }

    /**
     * Posts {@code uri} as the request content to the path {@code servlet} on the given host
     * and, when the XML reply carries the SUCCESS status, stores the reply's "Cookie" value
     * in the config store under "preop.cookie".
     *
     * NOTE(review): the cookie is a session credential kept in the config store; confirm it
     * is cleared after configuration and that the request is only made with https set.
     *
     * @return true on SUCCESS; false when there is no reply or the status is anything else
     * @throws IOException if the request fails or the reply cannot be parsed
     */
    public boolean authenticate(String hostname, int port, boolean https,
            String servlet, String uri) throws IOException {
        CMS.debug("WizardPanelBase authenticate start");
        String c = getHttpResponse(hostname, port, https, servlet, uri, null);
        IConfigStore cs = CMS.getConfigStore();

        if (c != null) {
            try {
                // getBytes() uses the platform default charset.
                ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
                XMLObject parser = null;

                try {
                    parser = new XMLObject(bis);
                } catch (Exception e) {
                    CMS.debug( "WizardPanelBase::authenticate() - "
                             + "Exception="+e.toString() );
                    throw new IOException( e.toString() );
                }

                // A reply without a "Status" element makes equals() below throw a
                // NullPointerException, which the outer catch reports as an IOException.
                String status = parser.getValue("Status");

                CMS.debug("WizardPanelBase authenticate: status=" + status);

                if (status.equals(SUCCESS)) {
                    String cookie = parser.getValue("Cookie");
                    cs.putString("preop.cookie", cookie);
                    return true;
                } else {
                    // The error text is read but neither logged nor returned.
                    String error = parser.getValue("Error");
                    return false;
                }
            } catch (Exception e) {
                CMS.debug("WizardPanelBase: authenticate: " + e.toString());
                throw new IOException(e.toString());
            }
        }

        return false;
    }

    /**
     * Posts {@code content} to "/ca/ee/ca/updateOCSPConfig" on the given host and checks the
     * status of the XML reply.
     *
     * On AUTH_FAILURE the method calls reloginSecurityDomain(response) and returns normally,
     * so a caller cannot tell that case from success by the return alone.
     *
     * @throws IOException if the reply is null or empty, cannot be parsed, or carries a
     *         status other than SUCCESS or AUTH_FAILURE
     */
    public void updateOCSPConfig(String hostname, int port, boolean https,
            String content, HttpServletResponse response) throws IOException {
        CMS.debug("WizardPanelBase updateOCSPConfig start");
        String c = getHttpResponse(hostname, port, https,
          "/ca/ee/ca/updateOCSPConfig", content, null);
        if (c == null || c.equals("")) {
            CMS.debug("WizardPanelBase updateOCSPConfig: content is null.");
            throw new IOException("The server you want to contact is not available");
        } else {
            try {
                ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
                XMLObject parser = null;

                try {
                    parser = new XMLObject(bis);
                } catch (Exception e) {
                    CMS.debug( "WizardPanelBase::updateOCSPConfig() - "
                             + "Exception="+e.toString() );
                    throw new IOException( e.toString() );
                }

                String status = parser.getValue("Status");

                CMS.debug("WizardPanelBase updateOCSPConfig: status=" + status);

                if (status.equals(SUCCESS)) {
                    CMS.debug("WizardPanelBase updateOCSPConfig: Successfully update the OCSP configuration in the CA.");
                } else if (status.equals(AUTH_FAILURE)) {
                    reloginSecurityDomain(response);
                    return;
                } else {
                    String error = parser.getValue("Error");

                    throw new IOException(error);
                }
            } catch (IOException e) {
                CMS.debug("WizardPanelBase updateOCSPConfig: " + e.toString());
                throw e;
            } catch (Exception e) {
                CMS.debug("WizardPanelBase updateOCSPConfig: " + e.toString());
                throw new IOException(e.toString());
            }
        }
    }

    /**
     * Asks the peer for a number range and stores it in the local config store.
     *
     * The request goes to "/" + cstype + "/ee/" + cstype + "/updateNumberRange", where cstype
     * is the config value "cs.type" passed through toLowerCaseSubsystemType. On SUCCESS the
     * reply's "beginNumber" and "endNumber" are stored as dbs.beginRequestNumber /
     * dbs.endRequestNumber when {@code type} is "request", or as dbs.beginSerialNumber /
     * dbs.endSerialNumber when it is "serialNo", and the config store is committed.
     *
     * @throws IOException if the reply is null or empty, cannot be parsed, or carries a
     *         status other than SUCCESS or AUTH_FAILURE
     */
    public void updateNumberRange(String hostname, int port, boolean https,
            String content, String type,
            HttpServletResponse response) throws IOException {
        CMS.debug("WizardPanelBase updateNumberRange start host=" + hostname +
          " port=" + port);
        IConfigStore cs = CMS.getConfigStore();
        String cstype = "";
        try {
            cstype = cs.getString("cs.type", "");
        } catch (Exception e) {
        }

        // toLowerCaseSubsystemType returns null for anything other than CA, KRA, OCSP or
        // TKS (including the "" default above); the URI below then contains the literal
        // text "null".
        cstype = toLowerCaseSubsystemType(cstype);
        String c = getHttpResponse(hostname, port, https,
          "/"+cstype+"/ee/"+cstype+"/updateNumberRange", content, null);
        if (c == null || c.equals("")) {
            CMS.debug("WizardPanelBase updateNumberRange: content is null.");
            throw new IOException("The server you want to contact is not available");
        } else {
            // The whole reply body is written to the debug log.
            CMS.debug("content="+c);
            try {
                ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
                XMLObject parser = null;

                try {
                    parser = new XMLObject(bis);
                } catch (Exception e) {
                    CMS.debug( "WizardPanelBase::updateNumberRange() - "
                             + "Exception="+e.toString() );
                    throw new IOException( e.toString() );
                }

                String status = parser.getValue("Status");

                CMS.debug("WizardPanelBase updateNumberRange: status=" + status);
                if (status.equals(SUCCESS)) {
                    // NOTE(review): both values are stored exactly as received; nothing
                    // here checks that they are numbers or that begin <= end.
                    String beginNum = parser.getValue("beginNumber");
                    String endNum = parser.getValue("endNumber");
                    if (type.equals("request")) {
                        cs.putString("dbs.beginRequestNumber", beginNum);
                        cs.putString("dbs.endRequestNumber", endNum);
                    } else if (type.equals("serialNo")) {
                        cs.putString("dbs.beginSerialNumber", beginNum);
                        cs.putString("dbs.endSerialNumber", endNum);
                    }
                    // Any other type value stores nothing but still commits.
                    cs.commit(false);
                } else if (status.equals(AUTH_FAILURE)) {
                    reloginSecurityDomain(response);
                    return;
                } else {
                    String error = parser.getValue("Error");

                    throw new IOException(error);
                }
            } catch (IOException e) {
                CMS.debug("WizardPanelBase: updateNumberRange: " + e.toString());
                CMS.debug(e);
                throw e;
            } catch (Exception e) {
                CMS.debug("WizardPanelBase: updateNumberRange: " + e.toString());
                CMS.debug(e);
                throw new IOException(e.toString());
            }
        }
    }

    /**
     * Posts "secure=" + {@code sport} to {@code portServlet} on the given host and returns
     * the "Port" value of the XML reply as an int.
     *
     * @return the port reported by the peer, or -1 when there is no reply
     * @throws IOException if the request fails, the reply cannot be parsed, the port is not
     *         a number, or the status is not SUCCESS
     */
    public int getPort(String hostname, int port, boolean https,
            String portServlet, boolean sport) throws IOException {
        CMS.debug("WizardPanelBase 
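getPort start");
        String c = getHttpResponse(hostname, port, https, portServlet,
          "secure=" + sport, null);

        if (c != null) {
            try {
                ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
                XMLObject parser = null;

                try {
                    parser = new XMLObject(bis);
                } catch (Exception e) {
                    CMS.debug( "WizardPanelBase::getPort() - "
                             + "Exception="+e.toString() );
                    throw new IOException( e.toString() );
                }

                String status = parser.getValue("Status");

                CMS.debug("WizardPanelBase getPort: status=" + status);

                if (status.equals(SUCCESS)) {
                    String portStr = parser.getValue("Port");

                    // A non-numeric value raises NumberFormatException, which the generic
                    // catch below reports as an IOException. The value is not range-checked.
                    port = Integer.parseInt(portStr);
                    return port;
                } else {
                    String error = parser.getValue("Error");

                    throw new IOException(error);
                }
            } catch (IOException e) {
                CMS.debug("WizardPanelBase: getPort: " + e.toString());
                throw e;
            } catch (Exception e) {
                CMS.debug("WizardPanelBase: getPort: " + e.toString());
                throw new IOException(e.toString());
            }
        }

        return -1;
    }

    /**
     * Convenience overload of the seven-argument {@code getHttpResponse} that passes
     * {@code null} as the certificate approval callback.
     */
    public String getHttpResponse(String hostname, int port, boolean secure,
            String uri, String content, String clientnickname) throws IOException {
        return getHttpResponse(hostname, port, secure, uri, content, clientnickname, null);
    }

    /**
     * Sends one HTTP POST to {@code hostname:port} and returns the body of the reply.
     *
     * With {@code secure} set the connection is made through a JssSSLSocketFactory; a
     * non-empty {@code clientnickname} is handed to that factory, otherwise the factory is
     * built without one. The request is sent as application/x-www-form-urlencoded.
     *
     * NOTE(review): {@code certApprovalCallback} may be null (the six-argument overload always
     * passes null). What HttpClient does about server-certificate approval in that case is
     * not visible here - confirm it does not accept untrusted certificates.
     *
     * @param uri request path
     * @param content form content; no body or content-length is sent when null or empty
     * @return the content of the reply as returned by HttpResponse.getContent()
     * @throws IOException if the peer cannot be reached or any other error occurs; the
     *         message is the original exception's toString()
     */
    public String getHttpResponse(String hostname, int port, boolean secure,
            String uri, String content, String clientnickname,
            SSLCertificateApprovalCallback certApprovalCallback)
            throws IOException {
        HttpClient httpclient = null;
        String c = null;

        try {
            if (secure) {
                JssSSLSocketFactory factory = null;

                if (clientnickname != null && clientnickname.length() > 0) {
                    factory = new JssSSLSocketFactory(clientnickname);
                } else {
                    factory = new JssSSLSocketFactory();
                }

                httpclient = new HttpClient(factory, certApprovalCallback);
            } else {
                httpclient = new HttpClient();
            }
            httpclient.connect(hostname, port);
            HttpRequest httprequest = new HttpRequest();

            httprequest.setMethod(HttpRequest.POST);
            httprequest.setURI(uri);
            httprequest.setHeader("user-agent", "HTTPTool/1.0");
            httprequest.setHeader("content-type",
                    "application/x-www-form-urlencoded");
            if (content != null && content.length() > 0) {
                // NOTE(review): length() counts chars, which matches the byte count only
                // while the content is single-byte (plain form-encoded ASCII). How
                // setContent encodes the string is not visible here.
                httprequest.setHeader("content-length", "" + content.length());
                httprequest.setContent(content);
            }
            HttpResponse httpresponse = httpclient.send(httprequest);

            c = httpresponse.getContent();
        } catch (ConnectException e) {
            CMS.debug("WizardPanelBase getHttpResponse: " + e.toString());
            throw new IOException("The server you tried to contact is not running.");
        } catch (Exception e) {
            CMS.debug("WizardPanelBase getHttpResponse: " + e.toString());
            throw new IOException(e.toString());
        } finally {
            // httpclient is still null when building the socket factory or the client
            // failed. Without the null check the NullPointerException raised here would
            // replace the IOException that describes the real failure.
            if (httpclient != null && httpclient.connected()) {
                httpclient.disconnect();
            }
        }

        return c;
    }

    /**
     * Fetches domain.xml from the security domain host named in the config store and lists
     * the subsystems of the given type that are not clones.
     *
     * Each list element is the text SubsystemName + " - https://" + Host + ":" + SecurePort.
     * The domain's "Name" value is stored under "preop.securitydomain.name" as a side effect.
     * Any failure (including a null reply from getDomainXML) is logged and the entries
     * collected so far are returned.
     *
     * NOTE(review): name, host and port are used as received from the fetched XML, without
     * validation; code that turns these strings back into URLs should check them.
     *
     * @param type element name to look up in domain.xml; the code tests for "CA", "KRA",
     *        "OCSP" and "TKS"
     * @return a Vector of display strings, possibly empty, never null
     */
    public Vector getMasterUrlListFromSecurityDomain(IConfigStore config, String type) {
        Vector v = new Vector();

        try {
            String hostname = config.getString("preop.securitydomain.host");
            int httpsport = config.getInteger("preop.securitydomain.httpsport");

            CMS.debug("Getting domain.xml from CA...");
            String c = getDomainXML(hostname, httpsport, true);
            // `list` is assigned below but never read; the lookup uses `type` directly.
            String list = "";

            CMS.debug("Type " + type);
            if (type.equals("CA")) {
                list = "CAList";
            } else if (type.equals("KRA")) {
                list = "KRAList";
            } else if (type.equals("OCSP")) {
                list = "OCSPList";
            } else if (type.equals("TKS")) {
                list = "TKSList";
            }

            ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
            XMLObject parser = new XMLObject(bis);
            Document doc = parser.getDocument();
            NodeList nodeList = doc.getElementsByTagName(type);

            // save domain name in cfg
            config.putString("preop.securitydomain.name",
                    parser.getValue("Name"));

            int len = nodeList.getLength();

            CMS.debug("Len " + len);
            for (int i = 0; i < len; i++) {
                Vector v_clone = parser.getValuesFromContainer(nodeList.item(i),
                        "Clone");
                String clone = (String)v_clone.elementAt(0);
                // Clones are left out of the master list.
                if (clone.equals("true"))
                    continue;
                Vector v_name = parser.getValuesFromContainer(nodeList.item(i),
                        "SubsystemName");
                Vector v_host = parser.getValuesFromContainer(nodeList.item(i),
                        "Host");
                Vector v_port = parser.getValuesFromContainer(nodeList.item(i),
                        "SecurePort");

                v.addElement(
                        v_name.elementAt(0) + " - https://"
                        + v_host.elementAt(0) + ":"
                        + v_port.elementAt(0));
            }
        } catch (Exception e) {
            CMS.debug(e.toString());
        }

        return v;
    }

    /**
     * Fetches domain.xml from the security domain host named in the config store and lists
     * every subsystem of the given type, clones included.
     *
     * Each list element is the text SubsystemName + " - https://" + Host + ":" + SecurePort.
     * The domain's "Name" value is stored under "preop.securitydomain.name" as a side effect.
     * Any failure is logged and the entries collected so far are returned.
     *
     * @param type element name to look up in domain.xml; the code tests for "CA", "KRA",
     *        "OCSP" and "TKS"
     * @return a Vector of display strings, possibly empty, never null
     */
    public Vector getUrlListFromSecurityDomain(IConfigStore config, String type) {
        Vector v = new Vector();

        try {
            String hostname = config.getString("preop.securitydomain.host");
            int httpsport = config.getInteger("preop.securitydomain.httpsport");

            CMS.debug("Getting domain.xml from CA...");
            String c = getDomainXML(hostname, httpsport, true);
            // `list` is assigned below but never read; the lookup uses `type` directly.
            String list = "";

            CMS.debug("Type " + type);
            if (type.equals("CA")) {
                list = "CAList";
            } else if (type.equals("KRA")) {
                list = "KRAList";
            } else if (type.equals("OCSP")) {
                list = "OCSPList";
            } else if (type.equals("TKS")) {
                list = "TKSList";
            }

            ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
            XMLObject parser = new XMLObject(bis);
            Document doc = parser.getDocument();
            NodeList nodeList = doc.getElementsByTagName(type);

            // save domain name in cfg
            config.putString("preop.securitydomain.name",
                    parser.getValue("Name"));

            int len = nodeList.getLength();

            CMS.debug("Len " + len);
            for (int i = 0; i < len; i++) {
                Vector v_name = parser.getValuesFromContainer(nodeList.item(i),
                        "SubsystemName");
                Vector v_host = parser.getValuesFromContainer(nodeList.item(i),
                        "Host");
                Vector v_port = parser.getValuesFromContainer(nodeList.item(i),
                        "SecurePort");

                v.addElement(
                        v_name.elementAt(0) + " - https://"
                        + v_host.elementAt(0) + ":"
                        + v_port.elementAt(0));
            }
        } catch (Exception e) {
            CMS.debug(e.toString());
        }

        return v;
    }

    /**
     * Posts to "/ca/ee/ca/getStatus" on the given host and returns the "State" value of the
     * XML reply.
     *
     * @param certApprovalCallback handed to getHttpResponse for the TLS connection
     * @return the reported state, or null when there is no reply or it cannot be parsed
     * @throws IOException if the request fails
     */
    public String pingCS(String hostname, int port, boolean https,
            SSLCertificateApprovalCallback certApprovalCallback)
            throws IOException {
        CMS.debug("WizardPanelBase pingCS start");
        String c = getHttpResponse(hostname, port, https,
          "/ca/ee/ca/getStatus", null, null, certApprovalCallback);

        if (c != null) {
            try {
                ByteArrayInputStream bis = new 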
ByteArrayInputStream(c.getBytes()); XMLObject parser = null; String state = null; try { parser = new XMLObject(bis); CMS.debug("WizardPanelBase pingCS: got XML parsed"); state = parser.getValue("State"); if (state != null) CMS.debug("WizardPanelBase pingCS: state=" + state); } catch (Exception e) { CMS.debug("WizardPanelBase: pingCS: parser failed" + e.toString()); } return state; } catch (Exception e) { CMS.debug("WizardPanelBase: pingCS: " + e.toString()); throw new IOException(e.toString()); } } return null; } public String toLowerCaseSubsystemType(String s) { String x = null; if (s.equals("CA")) { x = "ca"; } else if (s.equals("KRA")) { x = "kra"; } else if (s.equals("OCSP")) { x = "ocsp"; } else if (s.equals("TKS")) { x = "tks"; } return x; } public void getTokenInfo(IConfigStore config, String type, String host, int port, boolean https, Context context, ConfigCertApprovalCallback certApprovalCallback) throws IOException { CMS.debug("WizardPanelBase getTokenInfo start"); String uri = "/"+type+"/ee/"+type+"/getTokenInfo"; CMS.debug("WizardPanelBase getTokenInfo: uri="+uri); String c = getHttpResponse(host, port, https, uri, null, null, certApprovalCallback); if (c != null) { try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); XMLObject parser = null; try { parser = new XMLObject(bis); } catch (Exception e) { CMS.debug( "WizardPanelBase::getTokenInfo() - " + "Exception="+e.toString() ); throw new IOException( e.toString() ); } String status = parser.getValue("Status"); CMS.debug("WizardPanelBase getTokenInfo: status=" + status); if (status.equals(SUCCESS)) { Document doc = parser.getDocument(); NodeList list = doc.getElementsByTagName("name"); int len = list.getLength(); for (int i=0; i 0) v = n2.item(0).getNodeValue(); break; } } if (name.equals("preop.cert.signing.nickname")) { config.putString("preop.master.signing.nickname", v); config.putString(name, v); } else if (name.equals("preop.cert.ocsp_signing.nickname")) { 
config.putString("preop.master.ocsp_signing.nickname", v); config.putString(name, v); } else if (name.equals("preop.cert.subsystem.nickname")) { config.putString("preop.master.subsystem.nickname", v); config.putString(name, v); } else if (name.equals("preop.cert.transport.nickname")) { config.putString("preop.master.transport.nickname", v); config.putString("kra.transportUnit.nickName", v); config.putString(name, v); } else if (name.equals("preop.cert.storage.nickname")) { config.putString("preop.master.storage.nickname", v); config.putString("kra.storageUnit.nickName", v); config.putString(name, v); } else { config.putString(name, v); } } } else { String error = parser.getValue("Error"); throw new IOException(error); } } catch (IOException e) { CMS.debug("WizardPanelBase: getTokenInfo: " + e.toString()); throw e; } catch (Exception e) { CMS.debug("WizardPanelBase: getTokenInfo: " + e.toString()); throw new IOException(e.toString()); } } } public void importCertChain(String id) throws IOException { CMS.debug("DisplayCertChainPanel importCertChain"); IConfigStore config = CMS.getConfigStore(); String configName = "preop." 
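+ id + ".pkcs7";
        String pkcs7 = "";

        try {
            pkcs7 = config.getString(configName, "");
        } catch (Exception e) {}

        if (pkcs7.length() > 0) {
            try {
                CryptoUtil.importCertificateChain(pkcs7);
            } catch (Exception e) {
                // A failed import is only logged; the caller gets no signal that the chain
                // was not imported.
                CMS.debug("DisplayCertChainPanel importCertChain: Exception: "+e.toString());
            }
        }
    }

    /**
     * Convenience overload of the seven-argument {@code updateCertChain} that passes
     * {@code null} as the certificate approval callback.
     */
    public void updateCertChain(IConfigStore config, String name, String host,
            int port, boolean https, Context context) throws IOException {
        updateCertChain(config, name, host, port, https, context, null);
    }

    /**
     * Fetches a certificate chain from the given host and records it in the config store.
     *
     * The base64 PKCS #7 text returned by getCertChain is stored under
     * "preop.&lt;name&gt;.pkcs7", the number of certificates under
     * "preop.&lt;name&gt;.certchain.size", and each certificate, DER-encoded and base64'd,
     * under "preop.&lt;name&gt;.certchain.&lt;index&gt;". The store is committed at the end.
     * When the chain cannot be decoded or a certificate cannot be encoded, an "errorString"
     * is put into {@code context} and the method returns without committing.
     *
     * NOTE(review): the ".pkcs7" entry is written before the chain has been decoded, so an
     * undecodable value stays in the in-memory store on the error path. Whether the chain
     * is verified against anything is decided by getCertChain and the approval callback,
     * neither of which is visible here.
     *
     * @param certApprovalCallback handed to getCertChain; may be null
     * @throws IOException as thrown by getCertChain
     */
    public void updateCertChain(IConfigStore config, String name, String host,
            int port, boolean https, Context context,
            ConfigCertApprovalCallback certApprovalCallback) throws IOException {
        String certchain = getCertChain(host, port, https, certApprovalCallback);
        config.putString("preop."+name+".pkcs7", certchain);

        byte[] decoded = CryptoUtil.base64Decode(certchain);
        java.security.cert.X509Certificate[] b_certchain = null;

        try {
            b_certchain = CryptoUtil.getX509CertificateFromPKCS7(decoded);
        } catch (Exception e) {
            context.put("errorString",
              "Failed to get the certificate chain.");
            return;
        }

        int size = 0;
        if (b_certchain != null) {
            size = b_certchain.length;
        }
        config.putInteger("preop."+name+".certchain.size", size);
        for (int i = 0; i < size; i++) {
            byte[] bb = null;

            try {
                bb = b_certchain[i].getEncoded();
            } catch (Exception e) {
                context.put("errorString",
                  "Failed to get the der-encoded certificate chain.");
                return;
            }
            config.putString("preop."+name+".certchain."
              + i, CryptoUtil.normalizeCertStr(CryptoUtil.base64Encode(bb)));
        }

        try {
            config.commit(false);
        } catch (EBaseException e) {
            // Still best-effort, but leave a trace so a chain that was never persisted
            // can be diagnosed.
            CMS.debug("WizardPanelBase updateCertChain: commit failed: " + e.toString());
        }
    }

    /**
     * Removes the certificate with the given nickname from the named token.
     *
     * For any token other than the internal one the lookup nickname is qualified as
     * "token:nickname", the same rule updateDomainXML applies in this class. The previous
     * test required the token name to equal both internal names at once, which can never be
     * true, so the qualifier was never added and the lookup did not address the named token.
     *
     * Deletion happens only when the token's store is a PK11Store, through deleteCertOnly
     * (by its name this leaves the key in place - confirm). All failures are logged and
     * swallowed, so callers cannot tell whether the certificate was removed.
     */
    public void deleteCert(String tokenname, String nickname) {
        try {
            CryptoManager cm = CryptoManager.getInstance();
            CryptoToken tok = cm.getTokenByName(tokenname);
            CryptoStore store = tok.getCryptoStore();
            String fullnickname = nickname;
            if (!tokenname.equals("Internal Key Storage Token") &&
              !tokenname.equals("internal"))
                fullnickname = tokenname+":"+nickname;

            CMS.debug("WizardPanelBase deleteCert: nickname="+fullnickname);
            org.mozilla.jss.crypto.X509Certificate cert = cm.findCertByNickname(fullnickname);

            if (store instanceof PK11Store) {
                CMS.debug("WizardPanelBase deleteCert: this is pk11store");
                PK11Store pk11store = (PK11Store)store;
                pk11store.deleteCertOnly(cert);
            }
        } catch (Exception e) {
            CMS.debug("WizardPanelBase deleteCert: Exception="+e.toString());
        }
    }

    /**
     * Walks the given search results depth-first: for every entry it searches beneath the
     * entry's DN, recurses into those results, and then calls deleteEntry on the entry
     * itself, so children are handled before their parent.
     *
     * The {@code dn} parameter is not read. Any exception is logged and ends the walk at
     * that point, which can leave part of the subtree untouched without the caller knowing.
     *
     * @param res results to walk; an empty result set returns immediately
     * @param entries passed through unchanged to deleteEntry
     */
    public void deleteEntries(LDAPSearchResults res, LDAPConnection conn,
            String dn, String[] entries) {
        String[] attrs = null;
        LDAPSearchConstraints cons = null;
        String filter = "objectclass=*";

        try {
            if (res.getCount() == 0)
                return;
            else {
                while (res.hasMoreElements()) {
                    LDAPEntry entry = res.next();
                    String dn1 = entry.getDN();
                    // Scope 1 is presumably one-level (direct children only) - confirm
                    // against the LDAP SDK constants.
                    LDAPSearchResults res1 = conn.search(dn1, 1, filter, attrs, true, cons);
                    deleteEntries(res1, conn, dn1, entries);
                    deleteEntry(conn, dn1, entries);
                }
            }
        } catch (Exception ee) {
            CMS.debug("WizardPanelBase deleteEntries: Exception="+ee.toString());
        }
    }

    public void deleteEntry(LDAPConnection conn, String dn, String[] entries) {
        try {
            for (int i=0; i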