use of com.aws.greengrass.util.exceptions.TLSAuthException in project aws-greengrass-nucleus by aws-greengrass.
the class SecurityService method getDeviceIdentityKeyManagers.
/**
* Get KeyManagers for the default device identity.
*
* @return key managers
* @throws TLSAuthException if any error happens
*/
@SuppressWarnings({ "PMD.AvoidCatchingGenericException", "PMD.PreserveStackTrace" })
public KeyManager[] getDeviceIdentityKeyManagers() throws TLSAuthException {
URI privateKey = getDeviceIdentityPrivateKeyURI();
URI certPath = getDeviceIdentityCertificateURI();
try {
return RetryUtils.runWithRetry(GET_KEY_MANAGERS_RETRY_CONFIG, () -> getKeyManagers(privateKey, certPath), "get-key-managers", logger);
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
throw new TLSAuthException("Get key managers interrupted", e);
} catch (Exception e) {
throw new TLSAuthException("Error during getting key managers", e);
}
}
use of com.aws.greengrass.util.exceptions.TLSAuthException in project aws-greengrass-nucleus by aws-greengrass.
the class ClientConfigurationUtils method createTrustManagers.
private static TrustManager[] createTrustManagers(String rootCAPath) throws TLSAuthException {
try {
List<X509Certificate> trustCertificates = EncryptionUtils.loadX509Certificates(Paths.get(rootCAPath));
KeyStore tmKeyStore = KeyStore.getInstance("JKS");
tmKeyStore.load(null, null);
for (X509Certificate certificate : trustCertificates) {
X500Principal principal = certificate.getSubjectX500Principal();
String name = principal.getName("RFC2253");
tmKeyStore.setCertificateEntry(name, certificate);
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
trustManagerFactory.init(tmKeyStore);
return trustManagerFactory.getTrustManagers();
} catch (GeneralSecurityException | IOException e) {
throw new TLSAuthException("Failed to get trust manager", e);
}
}
Aggregations