The PKI CLI has been modified to support client cert authentication
without NSS database password.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 516e9360f96721bdbd0301b12120c9d47225e5e4 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edew...@redhat.com>
Date: Tue, 21 Mar 2017 02:46:12 +0100
Subject: [PATCH] Allowing client cert auth without NSS database password.
The PKI CLI has been modified to support client cert authentication
without NSS database password.
---
base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java | 11 -----------
1 file changed, 11 deletions(-)
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index 6536951733dda38ef27b48871ff945aa55eb58de..d7246d60ccdd7357fa236acca959c27de1e07510 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -366,9 +366,6 @@ public class MainCLI extends CLI {
if (certPasswordFile != null && certPassword != null) {
throw new Exception("The '-C' and '-c' options are mutually exclusive.");
-
- } else if (certPasswordFile == null && certPassword == null) {
- throw new Exception("Missing security database password.");
}
} else if (username != null) { // basic authentication
@@ -402,14 +399,6 @@ public class MainCLI extends CLI {
// XXX TBD set client security database token
certPassword = tokenPasswordPair[1];
-
- } else if (certNickname != null && certPassword == null) {
- // prompt for security database password if required for authentication
- //
- // NOTE: This overrides the password callback provided
- // by JSS for NSS security database authentication.
- //
- certPassword = promptForPassword("Enter Client Security Database Password: ");
}
// store security database password
--
2.9.3
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
