[Pki-devel] [PATCH] 925 Troubleshooting improvements for CAEnrollProfile.

Thu, 02 Feb 2017 13:27:49 -0800 

To help troubleshooting the CAEnrollProfile class has been modified
to chain the original exceptions.

Pushed to master under trivial rule.

--
Endi S. Dewata

>From 8592db4465c3957afebcabb1c9c1bf6c9cf97ab8 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edew...@redhat.com>
Date: Thu, 2 Feb 2017 01:53:45 +0100
Subject: [PATCH] Troubleshooting improvements for CAEnrollProfile.

To help troubleshooting the CAEnrollProfile class has been modified
to chain the original exceptions.
---
 .../cms/profile/common/CAEnrollProfile.java        | 31 +++++++++++++---------
 1 file changed, 18 insertions(+), 13 deletions(-)

diff --git a/base/server/cms/src/com/netscape/cms/profile/common/CAEnrollProfile.java b/base/server/cms/src/com/netscape/cms/profile/common/CAEnrollProfile.java
index 8c14e91767f6cc765413821da71b2c26d86f77d3..44c1245939974dfb5628418d3511bc9dc9eb9e48 100644
--- a/base/server/cms/src/com/netscape/cms/profile/common/CAEnrollProfile.java
+++ b/base/server/cms/src/com/netscape/cms/profile/common/CAEnrollProfile.java
@@ -19,10 +19,6 @@ package com.netscape.cms.profile.common;
 
 import java.util.Enumeration;
 
-import netscape.security.x509.X500Name;
-import netscape.security.x509.X509CertImpl;
-import netscape.security.x509.X509CertInfo;
-
 import org.mozilla.jss.pkix.crmf.PKIArchiveOptions;
 
 import com.netscape.certsrv.apps.CMS;
@@ -41,6 +37,10 @@ import com.netscape.certsrv.profile.IProfileUpdater;
 import com.netscape.certsrv.request.IRequest;
 import com.netscape.certsrv.request.RequestStatus;
 
+import netscape.security.x509.X500Name;
+import netscape.security.x509.X509CertImpl;
+import netscape.security.x509.X509CertInfo;
+
 /**
  * This class implements a Certificate Manager enrollment
  * profile.
@@ -53,7 +53,6 @@ public class CAEnrollProfile extends EnrollProfile {
             "LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST_4";
 
     public CAEnrollProfile() {
-        super();
     }
 
     public IAuthority getAuthority() {
@@ -93,8 +92,8 @@ public class CAEnrollProfile extends EnrollProfile {
             auditArchiveID = id.trim();
         }
 
-        CMS.debug("CAEnrollProfile: execute reqId=" +
-                request.getRequestId().toString());
+        CMS.debug("CAEnrollProfile: execute request ID " + id);
+
         ICertificateAuthority ca = (ICertificateAuthority) getAuthority();
 
         ICAService caService = (ICAService) ca.getCAService();
@@ -105,6 +104,7 @@ public class CAEnrollProfile extends EnrollProfile {
         // if PKI Archive Option present, send this request
         // to DRM
         byte optionsData[] = request.getExtDataInByteArray(REQUEST_ARCHIVE_OPTIONS);
+
         // do not archive keys for renewal requests
         if ((optionsData != null) && (!request.getRequestType().equals(IRequest.RENEWAL_REQUEST))) {
             PKIArchiveOptions options = toPKIArchiveOptions(optionsData);
@@ -166,7 +166,7 @@ public class CAEnrollProfile extends EnrollProfile {
                     if (e instanceof ERejectException) {
                         throw (ERejectException) e;
                     }
-                    CMS.debug("CAEnrollProfile: " + e.toString());
+                    CMS.debug("CAEnrollProfile: " + e);
                     CMS.debug(e);
 
                     auditMessage = CMS.getLogMessage(
@@ -177,32 +177,36 @@ public class CAEnrollProfile extends EnrollProfile {
                             auditArchiveID);
 
                     audit(auditMessage);
-                    throw new EProfileException(e.toString());
+                    throw new EProfileException(e);
                 }
             }
         }
+
         // process certificate issuance
         X509CertInfo info = request.getExtDataInCertInfo(REQUEST_CERTINFO);
-        X509CertImpl theCert = null;
         // #615460 - added audit log (transaction)
         SessionContext sc = SessionContext.getExistingContext();
         sc.put("profileId", getId());
+
         String setId = request.getExtDataInString("profileSetId");
         if (setId != null) {
             sc.put("profileSetId", setId);
         }
+
         AuthorityID aid = null;
         String aidString = request.getExtDataInString(IRequest.AUTHORITY_ID);
         if (aidString != null)
             aid = new AuthorityID(aidString);
+
+        X509CertImpl theCert;
         try {
             theCert = caService.issueX509Cert(
                 aid, info, getId() /* profileId */, id /* requestId */);
         } catch (EBaseException e) {
-            CMS.debug(e.toString());
-
-            throw new EProfileException(e.toString());
+            CMS.debug(e);
+            throw new EProfileException(e);
         }
+
         request.setExtData(REQUEST_ISSUED_CERT, theCert);
 
         long endTime = CMS.getCurrentDate().getTime();
@@ -230,6 +234,7 @@ public class CAEnrollProfile extends EnrollProfile {
         }
 
         request.setRequestStatus(RequestStatus.COMPLETE);
+
         // notifies updater plugins
         Enumeration<String> updaterIds = getProfileUpdaterIds();
         while (updaterIds.hasMoreElements()) {
-- 
2.5.5


_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

Reply via email to