CAData oldcadata = null;
int caid = cainfo.getCAId();
if (caid >= 0 && caid <= CAInfo.SPECIALCAIDBORDER) {
String msg = intres.getLocalizedMessage("caadmin.errorcaexists", cainfo.getName());
logSession.log(admin, admin.getCaId(), LogConstants.MODULE_CA, new java.util.Date(), null, null, LogConstants.EVENT_ERROR_CAEDITED, msg);
throw new CAExistsException(msg);
}
oldcadata = CAData.findById(entityManager, Integer.valueOf(caid));
// If it did not exist with a certain DN (caid) perhaps a CA with the
// same CA name exists?
if (oldcadata == null) {
oldcadata = CAData.findByName(entityManager, cainfo.getName());
}
boolean processinternalca = false;
if (oldcadata != null) {
// If we find an already existing CA, there is a good chance that we
// should throw an exception
// Saying that the CA already exists.
// However, if we have the same DN, and give the same name, we
// simply assume that the admin actually wants
// to treat an internal CA as an external CA, perhaps there is
// different HSMs connected for root CA and sub CA?
if (log.isDebugEnabled()) {
log.debug("Old castatus=" + oldcadata.getStatus() + ", oldcaid=" + oldcadata.getCaId().intValue() + ", caid=" + cainfo.getCAId()
+ ", oldcaname=" + oldcadata.getName() + ", name=" + cainfo.getName());
}
if (((oldcadata.getStatus() == SecConst.CA_WAITING_CERTIFICATE_RESPONSE) || (oldcadata.getStatus() == SecConst.CA_ACTIVE) || (oldcadata.getStatus() == SecConst.CA_EXTERNAL))
&& (oldcadata.getCaId().intValue() == cainfo.getCAId()) && (oldcadata.getName().equals(cainfo.getName()))) {
// Yes, we have all the same DN, CAName and the old CA is either
// waiting for a certificate response or is active
// (new CA or active CA that we want to renew)
// or it is an external CA that we want to issue a new
// certificate to
processinternalca = true;
if (oldcadata.getStatus() == SecConst.CA_EXTERNAL) {
log.debug("Renewing an external CA.");
} else {
log.debug("Processing an internal CA, as an external.");
}
} else {
String msg = intres.getLocalizedMessage("caadmin.errorcaexists", cainfo.getName());
log.info(msg);
throw new CAExistsException(msg);
}
}
// get signing CA
if (cainfo.getSignedBy() > CAInfo.SPECIALCAIDBORDER || cainfo.getSignedBy() < 0) {