Index: pki/base/ca/shared/conf/CS.cfg =================================================================== --- pki/base/ca/shared/conf/CS.cfg (revision 2389) +++ pki/base/ca/shared/conf/CS.cfg (working copy) @@ -55,6 +55,7 @@ ca.cert.subsystem.certusage=SSLClient ca.cert.audit_signing.certusage=ObjectSigner preop.cert.list=signing,ocsp_signing,sslserver,subsystem,audit_signing +preop.cert.rsalist=audit_signing preop.cert.signing.enable=true preop.cert.ocsp_signing.enable=true preop.cert.sslserver.enable=true Index: pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java =================================================================== --- pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java (revision 2381) +++ pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java (working copy) @@ -143,6 +143,8 @@ // same token for now String token = config.getString(PRE_CONF_CA_TOKEN); String certTags = config.getString("preop.cert.list"); + String rsaCertTags = config.getString("preop.cert.rsalist", ""); + context.put("rsaTags", rsaCertTags); StringTokenizer st = new StringTokenizer(certTags, ","); mShowSigning = false; Index: pki/base/kra/shared/conf/CS.cfg =================================================================== --- pki/base/kra/shared/conf/CS.cfg (revision 2381) +++ pki/base/kra/shared/conf/CS.cfg (working copy) @@ -45,6 +45,7 @@ kra.cert.subsystem.certusage=SSLClient kra.cert.audit_signing.certusage=ObjectSigner preop.cert.list=transport,storage,sslserver,subsystem,audit_signing +preop.cert.rsalist=transport,storage,audit_signing preop.cert.transport.enable=true preop.cert.storage.enable=true preop.cert.sslserver.enable=true Index: pki/redhat/common-ui/shared/admin/console/config/sizepanel.vm =================================================================== --- pki/redhat/common-ui/shared/admin/console/config/sizepanel.vm (revision 15995) +++ pki/redhat/common-ui/shared/admin/console/config/sizepanel.vm (working copy) @@ -35,6 +35,7 @@ var ecclist="${ecclist}"; var curvelist="${curvelist}"; var displaycurvelist = "${displaycurvelist}"; +var rsaTags = "${rsaTags}"; function myOnLoad() { var form = document.forms[0]; @@ -143,7 +144,7 @@ } else { algSelect = document.forms[0].elements[certTag + '_keyalgorithm']; } - if (algSelect == undefined) { + if (typeof(algSelect) == "undefined") { return; } algSelect.options.length=0; @@ -179,6 +180,9 @@ } else { algSelect = document.forms[0].elements[certTag + '_signingalgorithm']; } + if (typeof(algSelect) == "undefined") { + return; + } algSelect.options.length=0; if (keyType == "rsa") { list = rsalist.split(","); @@ -229,6 +233,17 @@ } } +function indexOfTag(tag) +{ + var index = rsaTags.indexOf(tag); + if (index > 0) { + if (rsaTags.charAt(index-1) != ',') { + index = -1; + } + } + return index; +} + function keyTypeChange(certTag) { var form = document.forms[0]; @@ -237,13 +252,18 @@ keyTypeSelect = document.forms[0].elements['keytype']; for (var i = 0; i < form.length; i++) { var name = form[i].name; - if (name.indexOf('_keytype') != -1) { - form.elements[name].selectedIndex = keyTypeSelect.selectedIndex; + var k = name.indexOf('_keytype'); + if (k != -1) { + var tag = name.substring(0, k); + if ((keyTypeSelect.value.indexOf('ecc') != -1) && + (indexOfTag(tag) == -1)) { + form.elements[name].selectedIndex = keyTypeSelect.selectedIndex; + setAlgOptions(keyTypeSelect.value, tag); + setSigningAlgOptions(keyTypeSelect.value, tag); + toggleKeyCurve(keyTypeSelect.value, tag); + } } } - setAllAlgOptions(keyTypeSelect.value); - setAllSigningAlgOptions(keyTypeSelect.value); - toggleAllKeyCurves(keyTypeSelect.value); } else { keyTypeSelect = document.forms[0].elements[certTag + '_keytype']; toggleKeyCurve(keyTypeSelect.value, certTag);