From 3ba4a8a412fa60c947ecb3cee9d90fb24e590d54 Mon Sep 17 00:00:00 2001
From: Yannick Lecaillez <ylecaillez@forgerock.com>
Date: Wed, 18 Nov 2015 15:24:16 +0000
Subject: [PATCH] OPENDJ-2399: Start server fails if the jvm used does not contains an elliptic curve certificate provider.

---
 opendj-server-legacy/src/main/java/org/opends/server/tools/ConfigureDS.java |   32 ++++++++++++++++++++------------
 1 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/opendj-server-legacy/src/main/java/org/opends/server/tools/ConfigureDS.java b/opendj-server-legacy/src/main/java/org/opends/server/tools/ConfigureDS.java
index d7598aa..3d1685d 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/tools/ConfigureDS.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/tools/ConfigureDS.java
@@ -203,6 +203,10 @@
   /** The DN of the configuration entry defining the LDAPS connection handler. */
   private static final String DN_LDAPS_CONNECTION_HANDLER = "cn=LDAPS Connection Handler," + DN_CONNHANDLER_BASE;
 
+  /** The DN of the configuration entry defining the HTTP connection handler. */
+  private static final String DN_HTTP_CONNECTION_HANDLER =
+      "cn=HTTP Connection Handler,cn=Connection Handlers,cn=config";
+
   /** The DN of the configuration entry defining the JMX connection handler. */
   private static final String DN_JMX_CONNECTION_HANDLER = "cn=JMX Connection Handler," + DN_CONNHANDLER_BASE;
 
@@ -272,7 +276,7 @@
   private StringArgument rootPassword;
   private StringArgument keyManagerProviderDN;
   private StringArgument trustManagerProviderDN;
-  private StringArgument certNickName;
+  private StringArgument certNickNames;
   private StringArgument keyManagerPath;
   private StringArgument serverRoot;
   private StringArgument backendType;
@@ -439,11 +443,11 @@
           null, null, INFO_CONFIGDS_DESCRIPTION_KEYMANAGER_PATH.get());
       argParser.addArgument(keyManagerPath);
 
-      certNickName = new StringArgument(
+      certNickNames = new StringArgument(
           "certnickname", 'a', "certNickName",
-          false, false, true, INFO_NICKNAME_PLACEHOLDER.get(),
+          false, true, true, INFO_NICKNAME_PLACEHOLDER.get(),
           null, null, INFO_CONFIGDS_DESCRIPTION_CERTNICKNAME.get());
-      argParser.addArgument(certNickName);
+      argParser.addArgument(certNickNames);
 
       baseDNString = new StringArgument(
           "basedn", OPTION_SHORT_BASEDN, OPTION_LONG_BASEDN,
@@ -883,6 +887,7 @@
 
       putKeyManagerConfigAttribute(enableStartTLS, DN_LDAP_CONNECTION_HANDLER);
       putKeyManagerConfigAttribute(ldapsPort, DN_LDAPS_CONNECTION_HANDLER);
+      putKeyManagerConfigAttribute(ldapsPort, DN_HTTP_CONNECTION_HANDLER);
 
       if (keyManagerPath.isPresent())
       {
@@ -942,26 +947,29 @@
       }
       putTrustManagerAttribute(enableStartTLS, DN_LDAP_CONNECTION_HANDLER);
       putTrustManagerAttribute(ldapsPort, DN_LDAPS_CONNECTION_HANDLER);
+      putTrustManagerAttribute(ldapsPort, DN_HTTP_CONNECTION_HANDLER);
     }
 
-    if (certNickName.isPresent())
+    if (certNickNames.isPresent())
     {
-      final StringConfigAttribute certNickNameAttr = new StringConfigAttribute(
+      final StringConfigAttribute certNickNamesAttr = new StringConfigAttribute(
           ATTR_SSL_CERT_NICKNAME, INFO_LDAP_CONNHANDLER_DESCRIPTION_SSL_CERT_NICKNAME.get(),
-          false, false, true, certNickName.getValue());
-      updateCertNicknameEntry(ldapPort, DN_LDAP_CONNECTION_HANDLER, certNickNameAttr);
-      updateCertNicknameEntry(ldapsPort, DN_LDAPS_CONNECTION_HANDLER, certNickNameAttr);
+          false, true, true, certNickNames.getValues());
+      updateCertNicknameEntry(ldapPort, DN_LDAP_CONNECTION_HANDLER, certNickNamesAttr);
+      updateCertNicknameEntry(ldapsPort, DN_LDAPS_CONNECTION_HANDLER, certNickNamesAttr);
+      updateCertNicknameEntry(certNickNames, DN_HTTP_CONNECTION_HANDLER, certNickNamesAttr);
 
-      final StringConfigAttribute certNickNameJmxAttr = new StringConfigAttribute(
+      final StringConfigAttribute certNickNamesJmxAttr = new StringConfigAttribute(
           ATTR_SSL_CERT_NICKNAME, INFO_JMX_CONNHANDLER_DESCRIPTION_SSL_CERT_NICKNAME.get(),
-          false, false, true, certNickName.getValue());
-      updateCertNicknameEntry(jmxPort, DN_JMX_CONNECTION_HANDLER, certNickNameJmxAttr);
+          false, false, true, certNickNames.getValues());
+      updateCertNicknameEntry(jmxPort, DN_JMX_CONNECTION_HANDLER, certNickNamesJmxAttr);
     }
     else
     {
       // Use the key manager specified for connection handlers
       removeSSLCertNicknameAttribute(DN_LDAP_CONNECTION_HANDLER);
       removeSSLCertNicknameAttribute(DN_LDAPS_CONNECTION_HANDLER);
+      removeSSLCertNicknameAttribute(DN_HTTP_CONNECTION_HANDLER);
       removeSSLCertNicknameAttribute(DN_JMX_CONNECTION_HANDLER);
     }
   }

--
Gitblit v1.10.0