Browse Source

allow blank password files in pfx cert upload

Jason Rivard 9 years ago
parent
commit
caecbff3f0

+ 0 - 3
src/main/java/password/pwm/http/servlet/configeditor/ConfigEditorServlet.java

@@ -706,9 +706,6 @@ public class ConfigEditorServlet extends AbstractPwmServlet {
         if (setting == PwmSetting.HTTPS_CERT) {
             try {
                 final PasswordData passwordData = pwmRequest.readParameterAsPassword("password");
-                if (passwordData == null) {
-                    throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, "missing password value", new String[]{"password"}));
-                }
                 final String alias = pwmRequest.readParameterAsString("alias");
                 final HttpsServerCertificateManager.KeyStoreFormat keyStoreFormat;
                 try {

+ 3 - 2
src/main/java/password/pwm/util/secure/HttpsServerCertificateManager.java

@@ -310,10 +310,11 @@ public class HttpsServerCertificateManager
             final PasswordData password,
             final String alias
     ) throws PwmUnrecoverableException {
+        final char[] charPassword = password == null ? new char[0] : password.getStringValue().toCharArray();
         final PrivateKeyCertificate privateKeyCertificate;
         try {
             final KeyStore keyStore = KeyStore.getInstance(keyStoreFormat.toString());
-            keyStore.load(inputStream, password.getStringValue().toCharArray());
+            keyStore.load(inputStream, charPassword);
 
             final String effectiveAlias;
             {
@@ -325,7 +326,7 @@ public class HttpsServerCertificateManager
                 effectiveAlias = allAliases.size() == 1 ? allAliases.iterator().next() : alias;
             }
 
-            final KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(password.getStringValue().toCharArray());
+            final KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(charPassword);
             final KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(effectiveAlias, passwordProtection);
             if (entry == null) {
                 final String errorMsg = "unable to import https key entry with alias '" + alias + "'";

+ 1 - 1
src/main/webapp/public/resources/js/configeditor-settings.js

@@ -3158,7 +3158,7 @@ PrivateKeyHandler.draw = function(keyName) {
 
         var text = '<form autocomplete="off"><table class="noborder">';
         text += '<tr><td class="key">File Format</td><td><select id="input-certificateUpload-format"><option value="PKCS12">PKCS12 / PFX</option><option value="JKS">Java Keystore (JKS)</option></select></td></tr>';
-        text += '<tr><td class="key">Password</td><td><input required type="password" class="configInput" id="input-certificateUpload-password"/></td></tr>';
+        text += '<tr><td class="key">Password</td><td><input type="password" class="configInput" id="input-certificateUpload-password"/></td></tr>';
         text += '<tr><td class="key">Alias</td><td><input type="text" class="configInput" id="input-certificateUpload-alias"/><br/><span class="footnote">Alias only required if file has multiple aliases</span></td></tr>';
         text += '</table></form>';
         options['text'] = text;