[Pki-devel] [PATCH] 328 - fix trust settingd for pki client-cert-import

Fri, 29 Jul 2016 06:48:46 -0700 

Fix client-cert-import to set provided trust bits
    
Ticket 2412


From 0fd441eee679001a0c137193e32759a1068e839e Mon Sep 17 00:00:00 2001
From: Ade Lee <[email protected]>
Date: Fri, 29 Jul 2016 14:42:35 +0100
Subject: [PATCH] Fix client-cert-import to set provided trust bits

Ticket 2412
---
 .../netscape/cmstools/client/ClientCertImportCLI.java    | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/base/java-tools/src/com/netscape/cmstools/client/ClientCertImportCLI.java b/base/java-tools/src/com/netscape/cmstools/client/ClientCertImportCLI.java
index 9625440c01f85935b3a1d3fde8ccd82aad146452..a920079c456ab14d1c5d47b5432ee725859b4357 100644
--- a/base/java-tools/src/com/netscape/cmstools/client/ClientCertImportCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/client/ClientCertImportCLI.java
@@ -83,7 +83,7 @@ public class ClientCertImportCLI extends CLI {
         option.setArgName("serial number");
         options.addOption(option);
 
-        option = new Option(null, "trust", true, "Trust attributes. Default: u,u,u.");
+        option = new Option(null, "trust", true, "Trust attributes.");
         option.setArgName("trust attributes");
         options.addOption(option);
     }
@@ -140,13 +140,16 @@ public class ClientCertImportCLI extends CLI {
         String pkcs12PasswordPath = cmd.getOptionValue("pkcs12-password-file");
         boolean importFromCAServer = cmd.hasOption("ca-server");
         String serialNumber = cmd.getOptionValue("serial");
-        String trustAttributes = cmd.getOptionValue("trust", "u,u,u");
+        String trustAttributes = cmd.getOptionValue("trust");
 
         // load the certificate
         if (certPath != null) {
 
             if (verbose) System.out.println("Importing certificate from " + certPath + ".");
 
+            if (trustAttributes == null)
+                trustAttributes = "u,u,u";
+
             importCert(
                     mainCLI.certDatabase.getAbsolutePath(),
                     certPath,
@@ -157,7 +160,8 @@ public class ClientCertImportCLI extends CLI {
 
             if (verbose) System.out.println("Importing CA certificate from " + caCertPath + ".");
 
-            trustAttributes = "CT,c,";
+            if (trustAttributes == null)
+                trustAttributes = "CT,c,";
 
             importCert(
                     mainCLI.certDatabase.getAbsolutePath(),
@@ -218,7 +222,8 @@ public class ClientCertImportCLI extends CLI {
                 out.write(bytes);
             }
 
-            trustAttributes = "CT,c,";
+            if (trustAttributes == null)
+                trustAttributes = "CT,c,";
 
             importCert(
                     mainCLI.certDatabase.getAbsolutePath(),
@@ -250,6 +255,9 @@ public class ClientCertImportCLI extends CLI {
                 out.write(encoded);
             }
 
+            if (trustAttributes == null)
+                trustAttributes = "u,u,u";
+
             importCert(
                     mainCLI.certDatabase.getAbsolutePath(),
                     certFile.getAbsolutePath(),
-- 
2.4.3


_______________________________________________
Pki-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pki-devel

Reply via email to