diff options
Diffstat (limited to 'pki/base/common/src/com/netscape')
| -rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java | 4 | ||||
| -rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java | 1 |
2 files changed, 3 insertions, 2 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java b/pki/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java index 01fd7eb0..a94536e8 100644 --- a/pki/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java +++ b/pki/base/common/src/com/netscape/cms/profile/constraint/KeyConstraint.java @@ -84,7 +84,7 @@ public class KeyConstraint extends EnrollConstraint { public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_KEY_TYPE)) { - return new Descriptor(IDescriptor.CHOICE, "RSA,EC", + return new Descriptor(IDescriptor.CHOICE, "-,RSA,EC", "RSA", CMS.getUserMessage(locale, "CMS_PROFILE_KEY_TYPE")); } else if (name.equals(CONFIG_KEY_PARAMETERS)) { @@ -144,7 +144,7 @@ public class KeyConstraint extends EnrollConstraint { if (alg.equals("EC")) { //For now only check for legal EC key type. //We don't have the required EC key class to evaluate curve names. - if (!alg.equals(keyType)) { + if (!alg.equals(keyType) && !isOptional(keyType)) { throw new ERejectException( CMS.getUserMessage( getLocale(request), diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java index 43fa3e0d..dc8adaf9 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java @@ -58,6 +58,7 @@ public class CertUtil { throws IOException { HttpClient httpclient = new HttpClient(); String c = null; + CMS.debug("CertUtil createRemoteCert: content " + content); try { JssSSLSocketFactory factory = new JssSSLSocketFactory(); |