Example 6 with Certificate
use of com.android.apksig.internal.x509.Certificate in project kubernetes-client by fabric8io.
the class CertificateCreate method main.
public static void main(String[] args) {
try (NamespacedCertManagerClient certManagerClient = new DefaultCertManagerClient()) {
String namespace = "default";
Certificate certificate = new CertificateBuilder().build();
// Create Certificate
certManagerClient.v1().certificates().inNamespace(namespace).create(certificate);
System.out.println("Created: " + certificate.getMetadata().getName());
// List Certificate
CertificateList certificateList = certManagerClient.v1().certificates().inNamespace(namespace).list();
System.out.println("There are " + certificateList.getItems().size() + " TaskRun objects in " + namespace);
}
}
Also used :
NamespacedCertManagerClient(io.fabric8.certmanager.client.NamespacedCertManagerClient)
DefaultCertManagerClient(io.fabric8.certmanager.client.DefaultCertManagerClient)
CertificateBuilder(io.fabric8.certmanager.api.model.v1.CertificateBuilder)
CertificateList(io.fabric8.certmanager.api.model.v1.CertificateList)
Certificate(io.fabric8.certmanager.api.model.v1.Certificate)
Example 7 with Certificate
use of com.android.apksig.internal.x509.Certificate in project kubernetes-client by fabric8io.
the class CertificateCreate method main.
public static void main(String[] args) {
try (NamespacedCertManagerClient certManagerClient = new DefaultCertManagerClient()) {
String namespace = "default";
Certificate certificate = new CertificateBuilder().build();
// Create Certificate
certManagerClient.v1alpha2().certificates().inNamespace(namespace).create(certificate);
System.out.println("Created: " + certificate.getMetadata().getName());
// List Certificate
CertificateList certificateList = certManagerClient.v1alpha2().certificates().inNamespace(namespace).list();
System.out.println("There are " + certificateList.getItems().size() + " TaskRun objects in " + namespace);
}
}
Also used :
NamespacedCertManagerClient(io.fabric8.certmanager.client.NamespacedCertManagerClient)
DefaultCertManagerClient(io.fabric8.certmanager.client.DefaultCertManagerClient)
CertificateBuilder(io.fabric8.certmanager.api.model.v1alpha2.CertificateBuilder)
CertificateList(io.fabric8.certmanager.api.model.v1alpha2.CertificateList)
Certificate(io.fabric8.certmanager.api.model.v1alpha2.Certificate)
Example 8 with Certificate
use of com.android.apksig.internal.x509.Certificate in project kubernetes-client by fabric8io.
the class CertificateCreate method main.
public static void main(String[] args) {
try (NamespacedCertManagerClient certManagerClient = new DefaultCertManagerClient()) {
String namespace = "default";
Certificate certificate = new CertificateBuilder().build();
// Create Certificate
certManagerClient.v1alpha3().certificates().inNamespace(namespace).create(certificate);
System.out.println("Created: " + certificate.getMetadata().getName());
// List Certificate
CertificateList certificateList = certManagerClient.v1alpha3().certificates().inNamespace(namespace).list();
System.out.println("There are " + certificateList.getItems().size() + " TaskRun objects in " + namespace);
}
}
Also used :
NamespacedCertManagerClient(io.fabric8.certmanager.client.NamespacedCertManagerClient)
DefaultCertManagerClient(io.fabric8.certmanager.client.DefaultCertManagerClient)
CertificateBuilder(io.fabric8.certmanager.api.model.v1alpha3.CertificateBuilder)
CertificateList(io.fabric8.certmanager.api.model.v1alpha3.CertificateList)
Certificate(io.fabric8.certmanager.api.model.v1alpha3.Certificate)
Example 9 with Certificate
use of com.android.apksig.internal.x509.Certificate in project TLS-Scanner by tls-attacker.
the class TrustAnchorManager method getFullCaCertificateSet.
private Set<Certificate> getFullCaCertificateSet() {
Set<Certificate> certificateSet = new HashSet<>();
for (CertificateEntry entry : trustAnchors.values()) {
InputStream resourceAsStream = TrustAnchorManager.class.getClassLoader().getResourceAsStream("trust/" + entry.getFingerprint() + ".pem");
try {
org.bouncycastle.crypto.tls.Certificate cert = PemUtil.readCertificate(resourceAsStream);
certificateSet.add(cert.getCertificateAt(0));
} catch (IOException | CertificateException ex) {
LOGGER.error("Could not load Certificate:" + entry.getSubjectName() + "/" + entry.getFingerprint(), ex);
}
}
return certificateSet;
}
Also used :
BufferedInputStream(java.io.BufferedInputStream)
InputStream(java.io.InputStream)
CertificateException(java.security.cert.CertificateException)
IOException(java.io.IOException)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.bouncycastle.asn1.x509.Certificate)
HashSet(java.util.HashSet)
Example 10 with Certificate
use of com.android.apksig.internal.x509.Certificate in project snowflake-jdbc by snowflakedb.
the class SFTrustManager method isCached.
/**
* Is OCSP Response cached?
*
* @param pairIssuerSubjectList a list of pair of issuer and subject certificates
* @return true if all of OCSP response are cached else false
*/
private boolean isCached(List<SFPair<Certificate, Certificate>> pairIssuerSubjectList) {
long currentTimeSecond = new Date().getTime() / 1000L;
boolean isCached = true;
try {
for (SFPair<Certificate, Certificate> pairIssuerSubject : pairIssuerSubjectList) {
OCSPReq req = createRequest(pairIssuerSubject);
CertificateID certificateId = req.getRequestList()[0].getCertID();
LOGGER.debug(CertificateIDToString(certificateId));
CertID cid = certificateId.toASN1Primitive();
OcspResponseCacheKey k = new OcspResponseCacheKey(cid.getIssuerNameHash().getEncoded(), cid.getIssuerKeyHash().getEncoded(), cid.getSerialNumber().getValue());
SFPair<Long, String> res = OCSP_RESPONSE_CACHE.get(k);
if (res == null) {
LOGGER.debug("Not all OCSP responses for the certificate is in the cache.");
isCached = false;
break;
} else if (currentTimeSecond - CACHE_EXPIRATION_IN_SECONDS > res.left) {
LOGGER.debug("Cache for CertID expired.");
isCached = false;
break;
} else {
try {
validateRevocationStatusMain(pairIssuerSubject, res.right);
} catch (SFOCSPException ex) {
LOGGER.debug("Cache includes invalid OCSPResponse. " + "Will download the OCSP cache from Snowflake OCSP server");
isCached = false;
}
}
}
} catch (IOException ex) {
LOGGER.debug("Failed to encode CertID.");
}
return isCached;
}
Also used :
CertID(org.bouncycastle.asn1.ocsp.CertID)
IOException(java.io.IOException)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.bouncycastle.asn1.x509.Certificate)
Aggregations
Certificate (org.bouncycastle.asn1.x509.Certificate)53
IOException (java.io.IOException)40
X509Certificate (java.security.cert.X509Certificate)37
CertificateException (java.security.cert.CertificateException)27
File (java.io.File)12
Test (org.junit.Test)11
BigInteger (java.math.BigInteger)9
CertificateEncodingException (java.security.cert.CertificateEncodingException)9
TBSCertificate (org.bouncycastle.asn1.x509.TBSCertificate)9
Test (org.junit.jupiter.api.Test)9
Certificate (com.google.cloud.security.privateca.v1.Certificate)8
CertificateAuthorityServiceClient (com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient)8
SQLException (java.sql.SQLException)8
X500Name (org.bouncycastle.asn1.x500.X500Name)8
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)7
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)7
Certificate (com.beanit.asn1bean.compiler.pkix1explicit88.Certificate)6
Extension (org.bouncycastle.asn1.x509.Extension)6
OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)6
ArrayList (java.util.ArrayList)5
