Replace CAEngine.ensureAuthorityDNAvailable() with getCA()

dogtagpki · Oct 5, 2023 · 726afdb · 726afdb
1 parent 2d10490
commit 726afdb
Showing 1 changed file with 7 additions and 12 deletions.
diff --git a/base/ca/src/main/java/org/dogtagpki/server/ca/CAEngine.java b/base/ca/src/main/java/org/dogtagpki/server/ca/CAEngine.java
@@ -1096,16 +1096,6 @@ public CertificateAuthority getCA(X500Name dn) {
         return null;
     }
 
-    public void ensureAuthorityDNAvailable(X500Name dn)
-            throws IssuerUnavailableException {
-
-        for (CertificateAuthority ca : getCAs()) {
-            if (ca.getX500Name().equals(dn))
-                throw new IssuerUnavailableException(
-                    "DN '" + dn + "' is used by an existing authority");
-        }
-    }
-
     /**
      * Create a CA signed by a parent CA.
      *
@@ -1123,7 +1113,12 @@ public CertificateAuthority createCA(
 
         // check requested DN
         X500Name subjectX500Name = new X500Name(subjectDN);
-        ensureAuthorityDNAvailable(subjectX500Name);
+        CertificateAuthority ca = getCA(subjectX500Name);
+
+        if (ca != null) {
+            throw new IssuerUnavailableException(
+                    "DN '" + subjectX500Name + "' is used by an existing authority");
+        }
 
         // generate authority ID and nickname
         AuthorityID aid = new AuthorityID();
@@ -1186,7 +1181,7 @@ public CertificateAuthority createCA(
             throw e;
         }
 
-        CertificateAuthority ca = new CertificateAuthority(
+        ca = new CertificateAuthority(
             subjectX500Name,
             aid,
             parentCA.getAuthorityID(),