use of java.security.cert.CertificateExpiredException in project robovm by robovm.
the class CertificateExpiredExceptionTest method testCertificateExpiredException01.
/**
* Test for <code>CertificateExpiredException()</code> constructor
* Assertion: constructs CertificateExpiredException with no detail message
*/
public void testCertificateExpiredException01() {
    // A certificate-expiry exception built with the no-arg constructor must
    // carry neither a detail message nor a cause.
    final CertificateExpiredException expired = new CertificateExpiredException();
    assertNull("getMessage() must return null.", expired.getMessage());
    assertNull("getCause() must return null", expired.getCause());
}
use of java.security.cert.CertificateExpiredException in project jdk8u_jdk by JetBrains.
the class SignatureFile method signerInfo.
/**
* Returns a string of signer info, with a newline at the end
*/
private String signerInfo(CodeSigner signer, String tab) {
    // Reuse the rendered text when this signer has been described before.
    if (cacheForSignerInfo.containsKey(signer)) {
        return cacheForSignerInfo.get(signer);
    }

    final StringBuffer out = new StringBuffer();
    final List<? extends Certificate> chain = signer.getSignerCertPath().getCertificates();

    // Signature timestamp: printed when present and then passed to printCert for
    // every certificate; when absent, the noTimestamp flag is raised instead.
    final Timestamp signedAt = signer.getTimestamp();
    final Date timestamp;
    if (signedAt == null) {
        timestamp = null;
        noTimestamp = true;
    } else {
        out.append(printTimestamp(tab, signedAt)).append('\n');
        timestamp = signedAt.getTimestamp();
    }

    // The first certificate is the end-entity certificate; the last argument tells
    // printCert so that its KeyUsage gets checked.
    boolean endEntity = true;
    for (Certificate cert : chain) {
        out.append(printCert(tab, cert, true, timestamp, endEntity)).append('\n');
        endEntity = false;
    }

    try {
        validateCertChain(chain);
    } catch (Exception e) {
        if (debug) {
            e.printStackTrace();
        }
        // A failure caused by the validity period is deliberately not reported a
        // second time: per the original comment it is already covered by
        // hasExpiredCert / notYetValidCert (set outside this method). Every other
        // validation failure marks the chain as not validated and is shown.
        final Throwable cause = e.getCause();
        final boolean validityPeriodFailure = cause instanceof CertificateExpiredException
                || cause instanceof CertificateNotYetValidException;
        if (!validityPeriodFailure) {
            chainNotValidated = true;
            final String warning =
                    tab + rb.getString(".CertPath.not.validated.") + e.getLocalizedMessage() + "]\n";
            out.append(warning);
        }
    }

    final String rendered = out.toString();
    cacheForSignerInfo.put(signer, rendered);
    return rendered;
}
use of java.security.cert.CertificateExpiredException in project jdk8u_jdk by JetBrains.
the class SignatureFile method getAliasInfo.
/**
 * Loads the signer's certificate chain and private key for the given alias.
 *
 * The chain is read from the file named by {@code altCertChain} when that field
 * is set, otherwise from {@code store}. Every entry must be an X509Certificate;
 * the chain is stored in {@code certChain} and the key in {@code privateKey}.
 * Problems are reported through {@code error(...)}.
 *
 * @param alias keystore alias whose certificate chain and key are looked up
 */
void getAliasInfo(String alias) {
Key key = null;
try {
java.security.cert.Certificate[] cs = null;
if (altCertChain != null) {
// An alternative chain file was given: parse all X.509 certificates from it.
try (FileInputStream fis = new FileInputStream(altCertChain)) {
cs = CertificateFactory.getInstance("X.509").generateCertificates(fis).toArray(new Certificate[0]);
} catch (FileNotFoundException ex) {
error(rb.getString("File.specified.by.certchain.does.not.exist"));
} catch (CertificateException | IOException ex) {
error(rb.getString("Cannot.restore.certchain.from.file.specified"));
}
} else {
try {
cs = store.getCertificateChain(alias);
} catch (KeyStoreException kse) {
// this never happens, because keystore has been loaded
}
}
if (cs == null || cs.length == 0) {
if (altCertChain != null) {
error(rb.getString("Certificate.chain.not.found.in.the.file.specified."));
} else {
MessageFormat form = new MessageFormat(rb.getString("Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and"));
Object[] source = { alias, alias };
error(form.format(source));
}
}
// NOTE(review): cs is dereferenced here without a further null check, and the
// cast below follows a failed instanceof test; both presumably rely on
// error(...) not returning -- confirm.
certChain = new X509Certificate[cs.length];
for (int i = 0; i < cs.length; i++) {
if (!(cs[i] instanceof X509Certificate)) {
error(rb.getString("found.non.X.509.certificate.in.signer.s.chain"));
}
certChain[i] = (X509Certificate) cs[i];
}
// Nothing is meant to be printed here (the return value is discarded); the
// next call checks validity and keyUsage etc. of the end-entity certificate.
printCert("", certChain[0], true, null, true);
// A chain-validation failure does not stop this method: it only sets
// chainNotValidated, and not even that when the cause is an expired or
// not-yet-valid certificate. How the flag is acted on is outside this method.
try {
validateCertChain(Arrays.asList(certChain));
} catch (Exception e) {
if (debug) {
e.printStackTrace();
}
if (e.getCause() != null && (e.getCause() instanceof CertificateExpiredException || e.getCause() instanceof CertificateNotYetValidException)) {
// No more warning, we already have hasExpiredCert or notYetValidCert
} else {
chainNotValidated = true;
}
}
// Key lookup: the store password is tried as the key password when no key
// password was given and the store is not a token.
try {
if (!token && keypass == null)
key = store.getKey(alias, storepass);
else
key = store.getKey(alias, keypass);
} catch (UnrecoverableKeyException e) {
if (token) {
// Rethrown to the outer catch, which reports the key as unrecoverable.
throw e;
} else if (keypass == null) {
// Did not work out, so prompt user for key password
MessageFormat form = new MessageFormat(rb.getString("Enter.key.password.for.alias."));
Object[] source = { alias };
keypass = getPass(form.format(source));
key = store.getKey(alias, keypass);
}
// NOTE(review): when a key password was supplied and the store is not a
// token, the exception is dropped here and key stays null, so the failure
// surfaces below as the "not a private key" message rather than as an
// unrecoverable-key error.
}
} catch (NoSuchAlgorithmException e) {
error(e.getMessage());
} catch (UnrecoverableKeyException e) {
error(rb.getString("unable.to.recover.key.from.keystore"));
} catch (KeyStoreException kse) {
// this never happens, because keystore has been loaded
}
// Only a PrivateKey is accepted; a null key also ends up in the error branch.
if (!(key instanceof PrivateKey)) {
MessageFormat form = new MessageFormat(rb.getString("key.associated.with.alias.not.a.private.key"));
Object[] source = { alias };
error(form.format(source));
} else {
privateKey = (PrivateKey) key;
}
}
use of java.security.cert.CertificateExpiredException in project jdk8u_jdk by JetBrains.
the class CertsInFilesystemDirectoryResolver method readCertsFromHarddrive.
/**
* Method readCertsFromHarddrive
*
* @throws StorageResolverException
*/
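private void readCertsFromHarddrive() throws StorageResolverException {
    // Loads every "*.crt" file in merlinsCertificatesDir as an X.509 certificate
    // and adds those that pass checkValidity() to this.certs. Files that cannot
    // be read or parsed, and certificates outside their validity period, are
    // skipped and logged at FINE only.
    File certDir = new File(this.merlinsCertificatesDir);

    // File.list() returns null when the path is not a directory or cannot be
    // listed; report that through the declared exception instead of failing
    // with a NullPointerException in the loop below.
    String[] names = certDir.list();
    if (names == null) {
        throw new StorageResolverException("empty");
    }

    List<String> certFileNames = new ArrayList<String>();
    for (String name : names) {
        if (name.endsWith(".crt")) {
            certFileNames.add(name);
        }
    }

    // getInstance either returns a factory or throws, so no null check is needed.
    CertificateFactory cf;
    try {
        cf = CertificateFactory.getInstance("X.509");
    } catch (CertificateException ex) {
        throw new StorageResolverException("empty", ex);
    }

    for (String certFileName : certFileNames) {
        String filename = certDir.getAbsolutePath() + File.separator + certFileName;
        File file = new File(filename);
        boolean added = false;
        String dn = null;
        FileInputStream fis = null;
        try {
            fis = new FileInputStream(file);
            X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);

            // Reject certificates that are expired or not yet valid before they
            // reach the store.
            // NOTE(review): validity is checked only here, at load time; whether
            // users of this.certs re-check it later is not visible in this method.
            cert.checkValidity();
            this.certs.add(cert);
            dn = cert.getSubjectX500Principal().getName();
            added = true;
        } catch (FileNotFoundException ex) {
            logCertificateFileProblem(filename, ex);
        } catch (CertificateNotYetValidException ex) {
            logCertificateFileProblem(filename, ex);
        } catch (CertificateExpiredException ex) {
            logCertificateFileProblem(filename, ex);
        } catch (CertificateException ex) {
            logCertificateFileProblem(filename, ex);
        } finally {
            try {
                if (fis != null) {
                    fis.close();
                }
            } catch (IOException ex) {
                logCertificateFileProblem(filename, ex);
            }
        }
        if (added && log.isLoggable(java.util.logging.Level.FINE)) {
            log.log(java.util.logging.Level.FINE, "Added certificate: " + dn);
        }
    }
}

// Logs, at FINE, a problem met while loading one certificate file.
private void logCertificateFileProblem(String filename, Exception ex) {
    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "Could not add certificate from file " + filename, ex);
    }
}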
use of java.security.cert.CertificateExpiredException in project knox by apache.
the class JettySSLService method logAndValidateCertificate.
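/**
 * Logs the hostname (CN) and validity period of the gateway's public certificate
 * and refuses to continue when the certificate is missing, is not an X.509
 * certificate, or is outside its validity period.
 *
 * @throws ServiceLifecycleException if the certificate cannot be retrieved, is
 *         absent, is not an X509Certificate, is expired, or is not yet valid
 */
private void logAndValidateCertificate() throws ServiceLifecycleException {
    // let's log the hostname (CN) and cert expiry from the gateway's public cert to aid in SSL debugging
    final Certificate cert;
    try {
        cert = as.getCertificateForGateway("gateway-identity");
    } catch (AliasServiceException e) {
        throw new ServiceLifecycleException("Cannot Retreive Gateway SSL Certificate. Server will not start.", e);
    }

    // The two failure messages were attached to the wrong branches: a missing
    // certificate was reported as a type problem and a non-X.509 certificate as
    // a missing alias. Each condition now raises the message that describes it.
    if (cert == null) {
        throw new ServiceLifecycleException("Public certificate for the gateway cannot be found with the alias gateway-identity. Plase check the identity certificate alias.");
    }
    if (!(cert instanceof X509Certificate)) {
        throw new ServiceLifecycleException("Public certificate for the gateway is not of the expected type of X509Certificate. Something is wrong with the gateway keystore.");
    }

    final X509Certificate x509 = (X509Certificate) cert;
    X500Principal x500Principal = x509.getSubjectX500Principal();
    X500PrincipalParser parser = new X500PrincipalParser(x500Principal);
    log.certificateHostNameForGateway(parser.getCN());
    Date notBefore = x509.getNotBefore();
    Date notAfter = x509.getNotAfter();
    log.certificateValidityPeriod(notBefore, notAfter);

    // let's not even start if the current date is not within the validity period for the SSL cert
    try {
        x509.checkValidity();
    } catch (CertificateExpiredException e) {
        throw new ServiceLifecycleException("Gateway SSL Certificate is Expired. Server will not start.", e);
    } catch (CertificateNotYetValidException e) {
        throw new ServiceLifecycleException("Gateway SSL Certificate is not yet valid. Server will not start.", e);
    }
}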