Due to a recently added validation code, the headerless PKCS #7
data generated by IPA needs to be joined into a single line before
storing it in CS.cfg.
Pushed to master under one-liner/trivial rule.
--
Endi S. Dewata
>From 9ac5e454dafe0d88f174f067e5e47f9d926f00a7 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edew...@redhat.com>
Date: Tue, 14 Jun 2016 05:55:01 +0200
Subject: [PATCH] Fixed problem with headerless PKCS #7 data.
Due to a recently added validation code, the headerless PKCS #7
data generated by IPA needs to be joined into a single line before
storing it in CS.cfg.
---
base/common/python/pki/nssdb.py | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/base/common/python/pki/nssdb.py b/base/common/python/pki/nssdb.py
index 2504a95797cae1eebe491df398d41c4129467650..0c27c3f19b6d938e4e335aaf0541d0ca0d0c1796 100644
--- a/base/common/python/pki/nssdb.py
+++ b/base/common/python/pki/nssdb.py
@@ -477,6 +477,13 @@ class NSSDatabase(object):
else: # import PKCS #7 data without header/footer
with open(cert_chain_file, 'r') as f:
base64_data = f.read()
+
+ # TODO: fix ipaserver/install/cainstance.py in IPA
+ # to no longer remove PKCS #7 header/footer
+
+ # join base-64 data into a single line
+ base64_data = base64_data.replace('\r', '').replace('\n', '')
+
pkcs7_data = convert_pkcs7(base64_data, 'base64', 'pem')
tmp_cert_chain_file = os.path.join(tmpdir, 'cert_chain.p7b')
--
2.5.5
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
