# # Install a new SSLConfig. #################################################################### # Patrick Finnegan 31/01/2007. V1. #################################################################### proc installSSLConfig { propertiesFile } { global AdminConfig global AdminTask # display procedure arguments. putsLog "proc - [info level 0 ]" foreach i [ info args installLdap ] { upvar 0 $i ilocal set propertiesArray($i) $ilocal } putsLog "procedure arguments are.................." foreach { a b } [ array get propertiesArray ] { putsLog [ format "%-35s %s" "$a" "$b" ] } # get and display the existing SSLConfigs. putsLog "existing SSLConfigs are:............" if { [ catch { $AdminConfig list SSLConfig } r ] == 0 } { set SSLConfigList $r foreach i $SSLConfigList { set SSLConfigName [ $AdminConfig showAttribute $i alias ] putsLog [ format "%-5s %s" " " $SSLConfigName ] } } else { return -code error $r } # call the hashMapList proc which returns a sorted list from the Property object loaded from the properties file. putsLog "new SSLConfig properties are:............" if { [ catch { hashMapList $propertiesFile } r ] == 0 } { set propertiesList $r foreach a $propertiesList { putsLog [ format "%-5s %-40s %-s" " " [ lindex $a 0 ] [ lindex $a 1 ] ] } } else { return -code error $r } # call the hashMap proc which returns a Property object populated with property file values. if { [ catch { hashMap $propertiesFile } r ] == 0 } { set PropertyI $r } else { return -code error $r } #drill down from the Security object and get repertoire(type SSLConfig) # check if the target SSLConfig already exists. If so delete. set securityId [ $AdminConfig list Security ] set repertoireList [ lindex [ $AdminConfig showAttribute $securityId repertoire ] 0 ] set SSLConfigName [ $PropertyI getProperty SSLConfig.alias ] foreach i $repertoireList { set alias [ $AdminConfig showAttribute $i alias ] if { $alias == $SSLConfigName } { if { [ catch { $AdminConfig remove $i } r ] == 0 } { putsLog "SSLConfig removed successfully: $SSLConfigName" } else { putsLog "ERROR: error removing SSLConfig: $SSLConfigName" return -code error $r } } } # set the SSLConfig properties. set attrList [ setProperties $PropertyI ] #puts $attrList if { [ catch { $AdminConfig create SSLConfig $securityId $attrList repertoire } r ] == 0 } { putsLog "************************************" putsLog "SSLConfig created successfully:" putsLog $r putsLog "************************************" } else { putsLog "************************************" putsLog "ERROR: problem creating SSLConfig" putsLog $r putsLog "************************************" return -code error $r } } ###################################### # set SSLConfig attributes. ###################################### proc setProperties { PropertyI } { global AdminConfig putsLog "proc - [info level 0 ]" foreach i [ info args setProperties ] { upvar 0 $i ilocal set propertiesArray($i) $ilocal } putsLog "procedure arguments are: .................." foreach { a b } [ array get propertiesArray ] { putsLog [ format "%-35s %s" "$a" "$b" ] } set aliasList [ list alias [ $PropertyI getProperty SSLConfig.alias ] ] # get the keystore id. set keyStoreName [ $PropertyI getProperty SSLConfig.setting.keyStore ] if { [ catch { $AdminConfig getid /KeyStore:$keyStoreName/ } r ] == 0 } { if { $r != {} } { set keyStoreId $r } else { putsLog "ERROR: $keyStoreName does not exist." return -code error $r } } else { return -code error $r } set keyStore [ list keyStore $keyStoreId ] set trustStore [ list trustStore $keyStoreId ] set settingList [ list setting [ list $keyStore $trustStore ] ] set attrList [ list $aliasList $settingList ] return $attrList }