Fix renewal for HSM

Resolves: dogtagpki#4355

base/server/python/pki/server/__init__.py

@@ -883,8 +883,9 @@ def open_nssdb(self, token=pki.nssdb.INTERNAL_TOKEN_NAME,
             password=self.get_token_password(token),
             internal_password=self.get_token_password(),
             passwords=self.passwords,
-            user=user,
-            group=group)
+            password_conf=self.password_conf,
+            user=self.user,
+            group=self.group)
 
     def get_webapps(self):
 

base/server/python/pki/server/subsystem.py

@@ -1005,6 +1005,15 @@ def temp_cert_create(self, nssdb, cert_tag, serial, new_cert_file):
 
         aki = self.get_cert_ski(ca_cert_data)
 
+        nickname = ca_signing_cert['nickname']
+        token = pki.nssdb.normalize_token(ca_signing_cert['token'])
+
+        if token:
+            fullname = token + ':' + nickname
+        else:
+            fullname = nickname
+        logger.debug('Issuer: %s', fullname)
+
         csr_file = self.instance.csr_file(cert_tag)
         logger.debug('Reusing existing CSR in %s', csr_file)
 
@@ -1030,7 +1039,7 @@ def temp_cert_create(self, nssdb, cert_tag, serial, new_cert_file):
         logger.debug('Creating temp cert')
 
         rc = nssdb.create_cert(
-            issuer=ca_signing_cert['nickname'],
+            issuer=fullname,
             request_file=csr_file,
             cert_file=new_cert_file,
             serial=serial,