The pkispawn has been modified to display the proper summary for
external CA and existing CA cases.
https://fedorahosted.org/pki/ticket/456
--
Endi S. Dewata
From 9d6b801afdc4d3209c203c21b6894af52fc5355b Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Fri, 22 Jan 2016 00:03:39 +0100
Subject: [PATCH] Fixed installation summary for existing CA.
The pkispawn has been modified to display the proper summary for
external CA and existing CA cases.
https://fedorahosted.org/pki/ticket/456
---
.../python/pki/server/deployment/pkihelper.py | 1 +
.../server/deployment/scriptlets/configuration.py | 13 ++---
base/server/sbin/pkispawn | 22 +++---
3 files changed, 26 insertions(+), 10 deletions(-)
diff --git a/base/server/python/pki/server/deployment/pkihelper.py
b/base/server/python/pki/server/deployment/pkihelper.py
index
1db23582620fa8b4bc2abe03bb91724cb32fecf0..c5c71ef997d8d3c768324c0fdaa1124a2f4a16dc
100644
--- a/base/server/python/pki/server/deployment/pkihelper.py
+++ b/base/server/python/pki/server/deployment/pkihelper.py
@@ -504,6 +504,7 @@ class ConfigurationFile:
self.external = config.str2bool(self.mdict['pki_external'])
self.external_step_one = not
config.str2bool(self.mdict['pki_external_step_two'])
self.external_step_two = not self.external_step_one
+self.external_csr_path = self.mdict['pki_external_csr_path']
if self.external:
# generic extension support in CSR - for external CA
diff --git
a/base/server/python/pki/server/deployment/scriptlets/configuration.py
b/base/server/python/pki/server/deployment/scriptlets/configuration.py
index
575a347c20285454b80e6394c5168c77bf2af885..a5ab3f88b6c74de7acf8ca6224c87a71e1211c08
100644
--- a/base/server/python/pki/server/deployment/scriptlets/configuration.py
+++ b/base/server/python/pki/server/deployment/scriptlets/configuration.py
@@ -96,6 +96,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
external = deployer.configuration_file.external
step_one = deployer.configuration_file.external_step_one
step_two = deployer.configuration_file.external_step_two
+external_csr_path = deployer.configuration_file.external_csr_path
try:
if external and step_one: # external/existing CA step 1
@@ -127,16 +128,15 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
# If filename specified, generate CA cert request and
# import it into CS.cfg.
-request_file = deployer.mdict['pki_external_csr_path']
-if request_file:
+if external_csr_path:
nssdb.create_request(
subject_dn=deployer.mdict['pki_ca_signing_subject_dn'],
-request_file=request_file,
+request_file=external_csr_path,
key_type=key_type,
key_size=key_size,
curve=curve,
hash_alg=hash_alg)
-with open(request_file) as f:
+with open(external_csr_path) as f:
signing_csr = f.read()
signing_csr = pki.nss.convert_csr(signing_csr, 'pem',
'base64')
subsystem.config['ca.signing.certreq'] = signing_csr
@@ -150,9 +150,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
elif external and step_two: # external/existing CA step 2
# If specified, import existing CA cert request into CS.cfg.
-request_file = deployer.mdict['pki_external_csr_path']
-if request_file:
-with open(request_file) as f:
+if external_csr_path:
+with open(external_csr_path) as f:
signing_csr = f.read()
signing_csr = pki.nss.convert_csr(signing_csr, 'pem',
'base64')
subsystem.config['ca.signing.certreq'] = signing_csr
diff --git a/base/server/sbin/pkispawn b/base/server/sbin/pkispawn
index
9c2aa2d665b2e523bae242bebb27c06c471ce2c7..bca33799c111cae40e530ec97c38cc0e06ce0223
100755
--- a/base/server/sbin/pkispawn
+++ b/base/server/sbin/pkispawn
@@ -616,9 +616,13 @@ def main(argv):
external = deployer.configuration_file.external
step_one = deployer.configuration_file.external_step_one
+external_csr_path = deployer.configuration_file.external_csr_path
if external and step_one:
-print_step_one_information(parser.mdict)
+if external_csr_path:
+print_external_ca_step_one_information(parser.mdict)
+else:
+print_existing_ca_step_one_information(parser.mdict)
else:
print_install_information(parser.mdict)
@@ -630,7 +634,7 @@ def set_port(parser, tag, prompt, existing_data):
parser.read_text(prompt, co