The PKI CLI has been modified to create a default NSS database without a password if there is no existing database at the expected location.
Pushed to master under trivial rule. -- Endi S. Dewata
>From 8b85ace2a2761c8451a11b4df8f142bd291cd6d4 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <edew...@redhat.com> Date: Fri, 17 Mar 2017 07:55:11 +0100 Subject: [PATCH] Default NSS database for PKI CLI. The PKI CLI has been modified to create a default NSS database without a password if there is no existing database at the expected location. --- .../src/com/netscape/cmstools/cli/MainCLI.java | 28 ++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java index 0a9ddf0a6db3a205cdc0a11bdaa521d883f22d05..75904edc69b822b56007c0935f66d8b1b20960a3 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java @@ -467,12 +467,32 @@ public class MainCLI extends CLI { public void init() throws Exception { - // Main program should initialize client security database - if (certDatabase.exists()) { - if (verbose) System.out.println("Initializing client security database"); - CryptoManager.initialize(certDatabase.getAbsolutePath()); + // Create security database if it doesn't exist + if (!certDatabase.exists()) { + + if (verbose) System.out.println("Creating security database"); + + certDatabase.mkdirs(); + + String[] commands = { + "/usr/bin/certutil", "-N", + "-d", certDatabase.getAbsolutePath(), + "--empty-password" + }; + + Runtime rt = Runtime.getRuntime(); + Process p = rt.exec(commands); + + int rc = p.waitFor(); + if (rc != 0) { + throw new Exception("Unable to create security database: " + certDatabase.getAbsolutePath() + " (rc: " + rc + ")"); + } } + // Main program should initialize security database + if (verbose) System.out.println("Initializing security database"); + CryptoManager.initialize(certDatabase.getAbsolutePath()); + // If password is specified, use password to access security token if (config.getCertPassword() != null) { if (verbose) System.out.println("Logging into security token"); -- 2.9.3
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel