diff options
author | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-08-19 17:58:15 +0000 |
---|---|---|
committer | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-08-19 17:58:15 +0000 |
commit | 646cf3f0d7b3d39713f60b493fd76ed5b4e66574 (patch) | |
tree | aa8921a6c2d4017d1953b7a0481806a8fac0b6ef /pki/base/common/src/com/netscape/cms/servlet/csadmin | |
parent | 4b0745d0e542d0e170435362f4a794cf4fa1b906 (diff) | |
download | pki-646cf3f0d7b3d39713f60b493fd76ed5b4e66574.tar.gz pki-646cf3f0d7b3d39713f60b493fd76ed5b4e66574.tar.xz pki-646cf3f0d7b3d39713f60b493fd76ed5b4e66574.zip |
Bugzilla BZ 548699 - subCA's admin certificate should be generated by itself
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1219 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java | 26 | ||||
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java | 20 |
2 files changed, 17 insertions, 29 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java index d1ca680a..1ba80999 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java @@ -270,15 +270,13 @@ public class AdminPanel extends WizardPanelBase { } // REMINDER: This panel is NOT used by "clones" - if( ( ca != null ) && ( security_domain_type.equals( "new" ) ) ) { + if( ca != null ) { if( selected_hierarchy.equals( "root" ) ) { CMS.debug( "AdminPanel update: " - + "Root CA subsystem - " - + "(new Security Domain)" ); + + "Root CA subsystem"); } else { CMS.debug( "AdminPanel update: " - + "Subordinate CA subsystem - " - + "(new Security Domain)" ); + + "Subordinate CA subsystem"); } try { @@ -292,27 +290,13 @@ public class AdminPanel extends WizardPanelBase { } else { String ca_hostname = null; int ca_port = -1; - boolean caRoot = false; // REMINDER: This panel is NOT used by "clones" - if( subsystemtype.equals( "CA" ) ) { - if( selected_hierarchy.equals( "root" ) ) { - CMS.debug( "AdminPanel update: " - + "Root CA subsystem - " - + "(existing Security Domain)" ); - caRoot = true; - } else { - CMS.debug( "AdminPanel update: " - + "Subordinate CA subsystem - " - + "(existing Security Domain)" ); - } - } else { - CMS.debug( "AdminPanel update: " + CMS.debug( "AdminPanel update: " + subsystemtype + " subsystem" ); - } - if ((type.equals("sdca")) && (!caRoot)) { + if (type.equals("sdca")) { try { ca_hostname = config.getString("preop.ca.hostname"); ca_port = config.getInteger("preop.ca.httpsport"); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java index 7487694d..fc733848 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java @@ -133,24 +133,28 @@ public class ImportAdminCertPanel extends WizardPanelBase { if (ca == null) { if (type.equals("otherca")) { try { + // this is a non-CA system that has elected to have its certificates + // signed by a CA outside of the security domain. + // in this case, we submitted the cert request for the admin cert to + // to security domain host. caHost = cs.getString("securitydomain.host", ""); caPort = cs.getString("securitydomain.httpsadminport", ""); } catch (Exception e) {} } else if (type.equals("sdca")) { try { - // If this code is selected (e. g. - Subordinate CAs - // that are NOT their own Security Domain), it MUST - // still pass the "httpsadminport" associated with the - // Security Domain CA as defined via the NamePanel. + // this is a non-CA system that submitted its certs to a CA + // within the security domain. In this case, we submitted the cert + // request for the admin cert to this CA caHost = cs.getString("preop.ca.hostname", ""); caPort = cs.getString("preop.ca.httpsadminport", ""); } catch (Exception e) {} } } else { - // Provide default Security Domain values for 'caHost' and 'caPort' + // for CAs, we always generate our own admin certs + // send our own connection details try { - caHost = cs.getString("securitydomain.host", ""); - caPort = cs.getString("securitydomain.httpsadminport", ""); + caHost = cs.getString("service.machineName", ""); + caPort = cs.getString("pkicreate.admin_secure_port", ""); } catch (Exception e) {} } @@ -207,7 +211,7 @@ public class ImportAdminCertPanel extends WizardPanelBase { X509CertImpl certs[] = new X509CertImpl[1]; // REMINDER: This panel is NOT used by "clones" - if( ( ca != null ) && ( security_domain_type.equals( "new" ) ) ) { + if( ca != null ) { String serialno = null; if( selected_hierarchy.equals( "root" ) ) { |