PR comments

2019-05-30 09:16:06 +01:00
parent b64c060ef4
commit 0a9c745d96
5 changed files with 13 additions and 13 deletions
--- a/cmd/runmqserver/main.go
+++ b/cmd/runmqserver/main.go
@@ -148,7 +148,7 @@ func doMain() error {
 	// Print out versioning information
 	logVersionInfo()
-	keylabel, cmsDB, p12Trust, _, err := tls.ConfigureTLSKeystores(keyDir, trustDir, keystoreDir)
+	keylabel, cmsDB, p12Trust, _, err := tls.ConfigureTLSKeystores(keyDir, trustDir, keyStoreDir)
 	if err != nil {
 		logTermination(err)
 		return err
--- a/cmd/runmqserver/tls.go
+++ b/cmd/runmqserver/tls.go
@@ -27,7 +27,7 @@ import (
 )
 // Location to store the keystores
-const keystoreDir = "/run/runmqserver/tls/"
+const keyStoreDir = "/run/runmqserver/tls/"
 // KeyDir is the location of the certificate keys to import
 const keyDir = "/etc/mqm/pki/keys"
@@ -124,10 +124,10 @@ func configureTLS(certLabel string, cmsKeystore tls.KeyStoreData, devmode bool)
 func configureSSOTLS(p12TrustStore tls.KeyStoreData) (string, error) {
 	// TODO find way to supply this
 	// Override the webstore variables to hard coded defaults
-	webkeyStoreName := tls.IntegrationDefaultLabel + ".p12"
+	webKeyStoreName := tls.IntegrationDefaultLabel + ".p12"
 	// Check keystore exists
-	ks := filepath.Join(keystoreDir, webkeyStoreName)
+	ks := filepath.Join(keyStoreDir, webKeyStoreName)
 	_, err := os.Stat(ks)
 	if err != nil {
 		return "", fmt.Errorf("Failed to find existing keystore %s: %v", ks, err)
@@ -145,5 +145,5 @@ func configureSSOTLS(p12TrustStore tls.KeyStoreData) (string, error) {
 		return "", err
 	}
-	return webkeyStoreName, nil
+	return webKeyStoreName, nil
 }
--- a/docs/usage.md
+++ b/docs/usage.md
@@ -99,7 +99,7 @@ Using this technique, you can have full control over all aspects of the MQ insta
 ## Supplying TLS certificates
-If you wish to supply TLS Certificates that the queue manager and MQ Console should use for TLS operations then you must supply the unencrypted PEM files for both the certificates and private keys in the following directories:
+If you wish to supply TLS Certificates that the queue manager and MQ Console should use for TLS operations then you must supply a PKCS#1 or unencrypted PKCS#8 PEM files for both the certificates and private keys in the following directories:
 * `/etc/mqm/pki/keys/<Label>` - for certificates with public and private keys
 * `/etc/mqm/pki/trust/<index>` - for certificates with only the public key
--- a/internal/keystore/keystore.go
+++ b/internal/keystore/keystore.go
@@ -216,7 +216,7 @@ func (ks *KeyStore) RenameCertificate(from, to string) error {
 	return nil
 }
-// ListCertificates Lists all certificates in hte keystore
+// ListCertificates Lists all certificates in the keystore
 func (ks *KeyStore) ListAllCertificates() ([]string, error) {
 	out, _, err := command.Run(ks.command, "-cert", "-list", "-type", ks.keyStoreType, "-db", ks.Filename, "-pw", ks.Password)
 	if err != nil {
--- a/internal/tls/tls.go
+++ b/internal/tls/tls.go
@@ -404,7 +404,7 @@ func ConfigureTLSKeystores(keyDir, certDir, outputDir string) (string, KeyStoreD
 		return returnLabel, cmsKeyDB, p12TrustDB, keyFiles, err
 	}
-	returnLabel, err = expandOldTLSVarible(keyDir, outputDir, &cmsKeyDB, &p12TrustDB)
+	returnLabel, err = expandOldTLSVariable(keyDir, outputDir, &cmsKeyDB, &p12TrustDB)
 	if err != nil {
 		return returnLabel, cmsKeyDB, p12TrustDB, keyFiles, err
 	}
@@ -471,7 +471,7 @@ func handleIntegrationGeneratedCerts(keyDir string) error {
 }
 // This function supports the old mechanism of importing certificates supplied by the MQ_TLS_KEYSTORE envvar
-func expandOldTLSVarible(keyDir, outputDir string, cmsKeyDB, p12TrustDB *KeyStoreData) (string, error) {
+func expandOldTLSVariable(keyDir, outputDir string, cmsKeyDB, p12TrustDB *KeyStoreData) (string, error) {
 	// TODO: Change this or find a way to set it
 	outputDirName := "acopiedcertificate"
@@ -526,11 +526,11 @@ func expandOldTLSVarible(keyDir, outputDir string, cmsKeyDB, p12TrustDB *KeyStor
 		}
 		err = addCertToKeyData(&block, cmsKeyDB, false)
 		if err != nil {
-			return "", fmt.Errorf("expandOldTLSVarible: Failed to add cert to CMS Keystore duplicate list: %v", err)
+			return "", fmt.Errorf("expandOldTLSVariable: Failed to add cert to CMS Keystore duplicate list: %v", err)
 		}
 		err = addCertToKeyData(&block, p12TrustDB, true)
 		if err != nil {
-			return "", fmt.Errorf("expandOldTLSVarible: Failed to add cert to P12 Truststore duplicate list: %v", err)
+			return "", fmt.Errorf("expandOldTLSVariable: Failed to add cert to P12 Truststore duplicate list: %v", err)
 		}
 	}
@@ -546,13 +546,13 @@ func expandOldTLSVarible(keyDir, outputDir string, cmsKeyDB, p12TrustDB *KeyStor
 			// Add to the dup list for the CMS keystore
 			err = addCertToKeyData(&block, cmsKeyDB, false)
 			if err != nil {
-				return "", fmt.Errorf("expandOldTLSVarible: Failed to add CA cert %d to CMS Keystore duplicate list: %v", i, err)
+				return "", fmt.Errorf("expandOldTLSVariable: Failed to add CA cert %d to CMS Keystore duplicate list: %v", i, err)
 			}
 			// Add to the p12 truststore
 			err = addCertToKeyData(&block, p12TrustDB, true)
 			if err != nil {
-				return "", fmt.Errorf("expandOldTLSVarible: Failed to add CA cert %d to P12 Truststore duplicate list: %v", i, err)
+				return "", fmt.Errorf("expandOldTLSVariable: Failed to add CA cert %d to P12 Truststore duplicate list: %v", i, err)
 			}
 		}
 	}