rpms / pki-core

Clone
Source Code
GIT

Blame SOURCES/pki-core-KRA-external-CA-partial-cert-chain.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-10.6 c8-stream-10.6 c8s-stream-10.6 c9 c9-beta
  1.   b9ff42302e71d8a095f1347dec21b384a90a0350
  2.   SOURCES
  3.   pki-core-KRA-external-CA-partial-cert-chain.patch
Blob History Raw
b9ff42 
From 1834a25a1982e2c2c49fde5998efdc7d10d3a29b Mon Sep 17 00:00:00 2001
b9ff42 
From: "Endi S. Dewata" <edewata@redhat.com>
b9ff42 
Date: Thu, 6 Oct 2016 22:08:15 +0200
b9ff42 
Subject: [PATCH] Fixed ConfigurationUtils.importCertChain().
b9ff42
b9ff42 
The ConfigurationUtils.importCertChain() has been modified to
b9ff42 
ignore UNKNOWN_ISSUER error when connecting to a server that
b9ff42 
does not have the complete certificate chain.
b9ff42
b9ff42 
https://fedorahosted.org/pki/ticket/2497
b9ff42 
(cherry picked from commit 343a756bb93abf057f2999858ba9e170fa84f143)
b9ff42 
(cherry picked from commit 6e0e2afbbeb1bb7acdf402edf5ca426bfc01a433)
b9ff42 
---
b9ff42 
 .../cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java   | 3 ++-
b9ff42 
 1 file changed, 2 insertions(+), 1 deletion(-)
b9ff42
b9ff42 
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
b9ff42 
index 34500d0..ecf8157 100644
b9ff42 
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
b9ff42 
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
b9ff42 
@@ -261,8 +261,9 @@ public class ConfigurationUtils {
b9ff42
b9ff42 
         IConfigStore cs = CMS.getConfigStore();
b9ff42 
         ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback();
b9ff42 
-        // Ignore untrusted issuer to get cert chain.
b9ff42 
+        // Ignore untrusted/unknown issuer to get cert chain.
b9ff42 
         certApprovalCallback.ignoreError(ValidityStatus.UNTRUSTED_ISSUER);
b9ff42 
+        certApprovalCallback.ignoreError(ValidityStatus.UNKNOWN_ISSUER);
b9ff42 
         String c = get(host, port, true, serverPath, null, certApprovalCallback);
b9ff42
b9ff42 
         if (c != null) {
b9ff42 
--
b9ff42 
1.8.3.1
b9ff42

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation