cert-export read from config file or config folder

The command pki-server cert-export will read the certificate and the relative request from the "<instance>/config/certs" folder if not found in other places
dogtagpki · Oct 4, 2023 · f54a966 · f54a966
1 parent c034463
commit f54a966
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 8 deletions.
diff --git a/base/server/python/pki/server/cli/cert.py b/base/server/python/pki/server/cli/cert.py
@@ -959,11 +959,17 @@ def execute(self, argv):
                 logger.info('Exporting %s certificate into %s.', cert_id, cert_file)
 
                 cert_data = cert.get('data')
-                if cert_data is None:
-                    logger.error('Unable to find certificate data for %s', cert_id)
-                    sys.exit(1)
+                if cert_data:
+                    cert_data = pki.nssdb.convert_cert(cert_data, 'base64', 'pem')
+                else:
+                    crt_path = os.path.join(instance.conf_dir, 'conf', 'certs', cert_id + '.crt')
+                    try:
+                        with open(crt_path, 'r', encoding='utf-8') as f:
+                            cert_data = ''.join(f.readlines())
+                    except FileNotFoundError:
+                        logger.error('Unable to find certificate data for %s', cert_id)
+                        sys.exit(1)
 
-                cert_data = pki.nssdb.convert_cert(cert_data, 'base64', 'pem')
                 with open(cert_file, 'w', encoding='utf-8') as f:
                     f.write(cert_data)
 
@@ -972,11 +978,17 @@ def execute(self, argv):
                 logger.info('Exporting %s CSR into %s.', cert_id, csr_file)
 
                 cert_request = cert.get('request')
-                if cert_request is None:
-                    logger.error('Unable to find certificate request for %s', cert_id)
-                    sys.exit(1)
+                if cert_request:
+                    csr_data = pki.nssdb.convert_csr(cert_request, 'base64', 'pem')
+                else:
+                    csr_path = os.path.join(instance.conf_dir, 'conf', 'certs', cert_id + '.csr')
+                    try:
+                        with open(csr_path, 'r', encoding='utf-8') as f:
+                            csr_data = ''.join(f.readlines())
+                    except FileNotFoundError:
+                        logger.error('Unable to find certificate request for %s', cert_id)
+                        sys.exit(1)
 
-                csr_data = pki.nssdb.convert_csr(cert_request, 'base64', 'pem')
                 with open(csr_file, 'w', encoding='utf-8') as f:
                     f.write(csr_data)
 

diff --git a/base/server/python/pki/server/subsystem.py b/base/server/python/pki/server/subsystem.py
@@ -306,6 +306,7 @@ def get_cert_info(self, tag):
         cert['id'] = tag
         cert['nickname'] = self.config.get('%s.%s.nickname' % (self.name, tag))
         cert['token'] = self.config.get('%s.%s.tokenname' % (self.name, tag))
+        cert['data'] = self.config.get('%s.%s.cert' % (self.name, tag))
         cert['request'] = self.config.get('%s.%s.certreq' % (self.name, tag))
         cert['certusage'] = self.config.get('%s.cert.%s.certusage' % (self.name, tag))