[PATCH] 807-809 Fixed PKCS #12 import for cloning.
by Endi Sukma Dewata
To fix cloning issue in IPA the security_database.py has been
modified to import all certificates and keys in the PKCS #12 file
before the PKI server is started. Since the PKCS #12 generated by
IPA may not contain the certificate trust flags, the script will
also reset the trust flags on the imported certificates (i.e.
CT,C,C for CA certificate and u,u,Pu for audit certificate).
https://fedorahosted.org/pki/ticket/2424
--
Endi S. Dewata
8 years, 6 months
[PATCH] Fix NumberFormatException for tps-cert-find when given non integer value to size and start option
by Geetika Kapoor
Hi,
I tried to fix NumberFormatException when i did tps-cert-find with
non-integer/invalid range value for size and start.I was doing testing
for tps-cert and then i came across this.I thought giving some
additional info to users inplace of numberformat.I have done similar
fix on rhel7 compile it and make a jar and test on rhel7 .I can share
that patch if needed. Below are the test result.
Before fix testing:
1. pki -h pki1.example.com -p 25080 tps-cert-find --start "gy"
NumberFormatException: For input string: "gy"
2. pki -h pki1.example.com -p 25080 tps-cert-find --size "gy"
NumberFormatException: For input string: "gy"
3. pki -p 25080 tps-cert-find --start
1789999999999999999999999999999999999999999999
NumberFormatException: For input string:
"1789999999999999999999999999999999999999999999"
After fix testing:
1. [root@pki1 ~]# pki -d /opt/rhqa_pki/certdb -c Secret123 -h
pki1.example.com -p 25080 tps-cert-find --start "gy"
Error: Enter valid integer value for size/start option
usage: tps-cert-find [FILTER] [OPTIONS...]
--help Show help options
--size <size> Page size
--start <start> Page start
--token <ID> Token ID
2. [root@pki1 ~]# pki -d /opt/rhqa_pki/certdb -c Secret123 -h
pki1.example.com -p 25080 tps-cert-find --size "hy"
Error: Enter valid integer value for size/start option
usage: tps-cert-find [FILTER] [OPTIONS...]
--help Show help options
--size <size> Page size
--start <start> Page start
--token <ID> Token ID
3. [root@pki1 ~]# pki -d /opt/rhqa_pki/certdb -c Secret123 -h
pki1.example.com -p 25080 tps-cert-find --start 1
-----------------
2 entries matched
-----------------
Cert ID: 3d.20160720042931
Serial Number: 0x3d
Subject: UID=ldapuser7,O=Token Key User
Token ID: 40906145C76224192D78
Key Type: encryption
Status: active
User ID: ldapuser7
Create Time: Wed Jul 20 04:29:31 EDT 2016
----------------------------
Number of entries returned 1
----------------------------
4. [root@pki1 ~]# pki -d /opt/rhqa_pki/certdb -c Secret123 -h
pki1.example.com -p 25080 tps-cert-find --size 1
-----------------
2 entries matched
-----------------
Cert ID: 3c.20160720042931
Serial Number: 0x3c
Subject: UID=ldapuser7,O=Token Key User
Token ID: 40906145C76224192D78
Key Type: signing
Status: active
User ID: ldapuser7
Create Time: Wed Jul 20 04:29:31 EDT 2016
----------------------------
Number of entries returned 1
----------------------------
5. [root@pki1 cert]# pki -d /opt/rhqa_pki/certdb -c Secret123 -h
pki1.example.com -p 25080 tps-cert-find --start
1789999999999999999999999999999999999999999999
Error: Enter valid integer value for size/start option
usage: tps-cert-find [FILTER] [OPTIONS...]
--help Show help options
--size <size> Page size
--start <start> Page start
--token <ID> Token ID
Thanks
Geetika
8 years, 6 months