Previously the pki user-cert-add fails to check whether the server has a CA subsystem when it's invoked over SSL. That is because the CLI tries to establish a new but improperly set up SSL connection. Now the CLI has been modified to use the existing server connection.
https://fedorahosted.org/pki/ticket/1517 Pushed to master and 10.3 branch under trivial/one-liner rule. -- Endi S. Dewata
>From 426f00afbdf73dde4c39d988e605dddaa5bb97ca Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <edew...@redhat.com> Date: Wed, 23 Nov 2016 05:17:43 +0100 Subject: [PATCH] Fixed problem with pki user-cert-add. Previously the pki user-cert-add fails to check whether the server has a CA subsystem when it's invoked over SSL. That is because the CLI tries to establish a new but improperly set up SSL connection. Now the CLI has been modified to use the existing server connection. https://fedorahosted.org/pki/ticket/1517 --- .../netscape/certsrv/client/SubsystemClient.java | 28 ++++++---------------- 1 file changed, 7 insertions(+), 21 deletions(-) diff --git a/base/common/src/com/netscape/certsrv/client/SubsystemClient.java b/base/common/src/com/netscape/certsrv/client/SubsystemClient.java index cbc17ac3fb2bcdcefc52676a9e00a33a00a0c636..bf329afcbb8b617cfedc10afe9df1b07439ce3f0 100644 --- a/base/common/src/com/netscape/certsrv/client/SubsystemClient.java +++ b/base/common/src/com/netscape/certsrv/client/SubsystemClient.java @@ -17,13 +17,9 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.client; -import java.net.URI; import java.net.URISyntaxException; -import org.apache.http.HttpResponse; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.impl.client.CloseableHttpClient; -import org.apache.http.impl.client.HttpClientBuilder; +import javax.ws.rs.core.Response; import com.netscape.certsrv.account.AccountClient; @@ -52,22 +48,12 @@ public class SubsystemClient extends Client { public boolean exists() throws Exception { - ClientConfig config = client.getConfig(); - URI serverURI = config.getServerURI(); - URI subsystemURI = new URI( - serverURI.getScheme(), - null, - serverURI.getHost(), - serverURI.getPort(), - "/" + name, - null, - null); + PKIConnection connection = client.getConnection(); + Response response = connection.get("/" + name); - HttpGet method = new HttpGet(subsystemURI); - try (CloseableHttpClient client = HttpClientBuilder.create().build()) { - HttpResponse response = client.execute(method); - int code = response.getStatusLine().getStatusCode(); + try { + int code = response.getStatus(); if (code == 200) { return true; @@ -76,11 +62,11 @@ public class SubsystemClient extends Client { return false; } else { - throw new Exception("Error: " + response.getStatusLine()); + throw new Exception("Error: " + response.getStatusInfo()); } } finally { - method.releaseConnection(); + response.close(); } } -- 2.5.5
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel