To help troubleshooting, the ConfigurationUtils.handleCerts() has been modified to throw the exception instead of returning an integer.
https://fedorahosted.org/pki/ticket/2463 Pushed to master under trivial/one-liner rule. -- Endi S. Dewata
>From 50559c3829a28572a6ecdecce2ed6ec88d2a7046 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <[email protected]> Date: Fri, 28 Oct 2016 00:26:18 +0200 Subject: [PATCH] Troubleshooting improvement for ConfigurationUtils.handleCerts(). To help troubleshooting, the ConfigurationUtils.handleCerts() has been modified to throw the exception instead of returning an integer. https://fedorahosted.org/pki/ticket/2463 --- .../com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | 11 +++++------ .../src/org/dogtagpki/server/rest/SystemConfigService.java | 8 ++------ 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index 038afe8c5eb48be68585e2a0ead2762c405533c5..9a39de051b118217e7d9f9ede9b63e8fb457c440 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -3162,7 +3162,7 @@ public class ConfigurationUtils { cr.addCertificateRecord(record); } - public static int handleCerts(Cert cert) throws Exception { + public static void handleCerts(Cert cert) throws Exception { String certTag = cert.getCertTag(); String subsystem = cert.getSubsystem(); String nickname = cert.getNickname(); @@ -3170,7 +3170,7 @@ public class ConfigurationUtils { boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true); if (!enable) - return 0; + return; CMS.debug("handleCerts(): for cert tag '" + cert.getCertTag() + "' using cert type '" + cert.getType() + "'"); String b64 = cert.getCert(); @@ -3190,7 +3190,7 @@ public class ConfigurationUtils { if (findCertificate(tokenname, nickname)) { if (!certTag.equals("sslserver")) - return 0; + return; } X509CertImpl impl = CertUtil.createLocalCert(config, x509key, PCERT_PREFIX, certTag, cert.getType(), null); @@ -3291,7 +3291,7 @@ public class ConfigurationUtils { } else { CMS.debug("handleCerts(): b64 not set"); - return 1; + throw new PKIException("Missing " + certTag + " certificate to import"); } } else { @@ -3321,7 +3321,7 @@ public class ConfigurationUtils { CryptoUtil.importUserCertificate(impl, nickname, false); } catch (Exception ee) { CMS.debug("handleCerts(): Failed to import user certificate." + ee.toString()); - return 1; + throw new Exception("Unable to import " + certTag + " certificate: " + ee, ee); } } @@ -3339,7 +3339,6 @@ public class ConfigurationUtils { CryptoUtil.trustCertByNickname(NickName); CMS.reinit(ICertificateAuthority.ID); } - return 0; } public static void setCertPermissions(String tag) throws EBaseException, NotInitializedException, diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index 9d7c176ecdbf2c87cb961fa3f6eb74fb41eb8ef5..2f9d0d65d6b2b64ae354460a579a725dd60d0122 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -195,18 +195,14 @@ public class SystemConfigService extends PKIService implements SystemConfigResou } for (Cert cert : certs) { - int ret; try { CMS.debug("Processing '" + cert.getCertTag() + "' certificate:"); - ret = ConfigurationUtils.handleCerts(cert); + ConfigurationUtils.handleCerts(cert); ConfigurationUtils.setCertPermissions(cert.getCertTag()); CMS.debug("Processed '" + cert.getCertTag() + "' certificate."); } catch (Exception e) { CMS.debug(e); - throw new PKIException("Error in configuring system certificates" + e, e); - } - if (ret != 0) { - throw new PKIException("Error in configuring system certificates"); + throw new PKIException("Error in configuring system certificates: " + e, e); } } response.setSystemCerts(SystemCertDataFactory.create(certs)); -- 2.7.4
_______________________________________________ Pki-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/pki-devel
