use of com.google.cloud.security.privateca.v1.CertificateAuthority.State in project java-security-private-ca by googleapis.
the class SnippetsIT method testActivateSubordinateCertificateAuthority.
@Test
public void testActivateSubordinateCertificateAuthority() throws IOException, ExecutionException, InterruptedException {
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
Certificate response = certificateAuthorityServiceClient.getCertificate(CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CSR_CERTIFICATE_NAME).toString());
String pemCertificate = response.getPemCertificate();
privateca.ActivateSubordinateCa.activateSubordinateCA(PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, SUBORDINATE_CA_NAME, pemCertificate);
assertThat(stdOut.toString()).contains("Current State: STAGED");
}
}
use of com.google.cloud.security.privateca.v1.CertificateAuthority.State in project java-security-private-ca by googleapis.
the class DeleteCertificateAuthority method deleteCertificateAuthority.
// Delete the Certificate Authority from the specified CA pool.
// Before deletion, the CA must be disabled and must not contain any active certificates.
public static void deleteCertificateAuthority(String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException {
// clean up any remaining background resources.
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
// Create the Certificate Authority Name.
CertificateAuthorityName certificateAuthorityNameParent = CertificateAuthorityName.newBuilder().setProject(project).setLocation(location).setCaPool(pool_Id).setCertificateAuthority(certificateAuthorityName).build();
// Check if the CA is enabled.
State caState = certificateAuthorityServiceClient.getCertificateAuthority(certificateAuthorityNameParent).getState();
if (caState == State.ENABLED) {
System.out.println("Please disable the Certificate Authority before deletion ! Current state: " + caState);
return;
}
// Create the DeleteCertificateAuthorityRequest.
// Setting the setIgnoreActiveCertificates() to true, will delete the CA
// even if it contains active certificates. Care should be taken to re-anchor
// the certificates to new CA before deleting.
DeleteCertificateAuthorityRequest deleteCertificateAuthorityRequest = DeleteCertificateAuthorityRequest.newBuilder().setName(certificateAuthorityNameParent.toString()).setIgnoreActiveCertificates(false).build();
// Delete the Certificate Authority.
ApiFuture<Operation> futureCall = certificateAuthorityServiceClient.deleteCertificateAuthorityCallable().futureCall(deleteCertificateAuthorityRequest);
Operation response = futureCall.get();
if (response.hasError()) {
System.out.println("Error while deleting Certificate Authority !" + response.getError());
return;
}
// Check if the CA has been deleted.
caState = certificateAuthorityServiceClient.getCertificateAuthority(certificateAuthorityNameParent).getState();
if (caState == State.DELETED) {
System.out.println("Successfully deleted Certificate Authority : " + certificateAuthorityName);
} else {
System.out.println("Unable to delete Certificate Authority. Please try again ! Current state: " + caState);
}
}
}
use of com.google.cloud.security.privateca.v1.CertificateAuthority.State in project java-security-private-ca by googleapis.
the class EnableCertificateAuthority method enableCertificateAuthority.
// Enable the Certificate Authority present in the given ca pool.
// CA cannot be enabled if it has been already deleted.
public static void enableCertificateAuthority(String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException {
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
// Create the Certificate Authority Name.
CertificateAuthorityName certificateAuthorityParent = CertificateAuthorityName.newBuilder().setProject(project).setLocation(location).setCaPool(pool_Id).setCertificateAuthority(certificateAuthorityName).build();
// Create the Enable Certificate Authority Request.
EnableCertificateAuthorityRequest enableCertificateAuthorityRequest = EnableCertificateAuthorityRequest.newBuilder().setName(certificateAuthorityParent.toString()).build();
// Enable the Certificate Authority.
ApiFuture<Operation> futureCall = certificateAuthorityServiceClient.enableCertificateAuthorityCallable().futureCall(enableCertificateAuthorityRequest);
Operation response = futureCall.get();
if (response.hasError()) {
System.out.println("Error while enabling Certificate Authority !" + response.getError());
return;
}
// Get the current CA state.
State caState = certificateAuthorityServiceClient.getCertificateAuthority(certificateAuthorityParent).getState();
// Check if the CA is enabled.
if (caState == State.ENABLED) {
System.out.println("Enabled Certificate Authority : " + certificateAuthorityName);
} else {
System.out.println("Cannot enable the Certificate Authority ! Current CA State: " + caState);
}
}
}
use of com.google.cloud.security.privateca.v1.CertificateAuthority.State in project java-security-private-ca by googleapis.
the class DisableCertificateAuthority method disableCertificateAuthority.
// Disable a Certificate Authority which is present in the given CA pool.
public static void disableCertificateAuthority(String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException {
// clean up any remaining background resources.
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
// Create the Certificate Authority Name.
CertificateAuthorityName certificateAuthorityNameParent = CertificateAuthorityName.newBuilder().setProject(project).setLocation(location).setCaPool(pool_Id).setCertificateAuthority(certificateAuthorityName).build();
// Create the Disable Certificate Authority Request.
DisableCertificateAuthorityRequest disableCertificateAuthorityRequest = DisableCertificateAuthorityRequest.newBuilder().setName(certificateAuthorityNameParent.toString()).build();
// Disable the Certificate Authority.
ApiFuture<Operation> futureCall = certificateAuthorityServiceClient.disableCertificateAuthorityCallable().futureCall(disableCertificateAuthorityRequest);
Operation response = futureCall.get();
if (response.hasError()) {
System.out.println("Error while disabling Certificate Authority !" + response.getError());
return;
}
// Get the current CA state.
State caState = certificateAuthorityServiceClient.getCertificateAuthority(certificateAuthorityNameParent).getState();
// Check if the Certificate Authority is disabled.
if (caState == State.DISABLED) {
System.out.println("Disabled Certificate Authority : " + certificateAuthorityName);
} else {
System.out.println("Cannot disable the Certificate Authority ! Current CA State: " + caState);
}
}
}
use of com.google.cloud.security.privateca.v1.CertificateAuthority.State in project java-security-private-ca by googleapis.
the class UndeleteCertificateAuthority method undeleteCertificateAuthority.
// Restore a deleted CA, if still within the grace period of 30 days.
public static void undeleteCertificateAuthority(String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException, TimeoutException {
// clean up any remaining background resources.
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
String certificateAuthorityParent = CertificateAuthorityName.of(project, location, pool_Id, certificateAuthorityName).toString();
// Confirm if the CA is in DELETED stage.
if (getCurrentState(certificateAuthorityServiceClient, certificateAuthorityParent) != State.DELETED) {
System.out.println("CA is not deleted !");
return;
}
// Create the Request.
UndeleteCertificateAuthorityRequest undeleteCertificateAuthorityRequest = UndeleteCertificateAuthorityRequest.newBuilder().setName(certificateAuthorityParent).build();
// Undelete the CA.
ApiFuture<Operation> futureCall = certificateAuthorityServiceClient.undeleteCertificateAuthorityCallable().futureCall(undeleteCertificateAuthorityRequest);
Operation response = futureCall.get(5, TimeUnit.SECONDS);
// Confirm if the CA is DISABLED.
if (response.hasError() || getCurrentState(certificateAuthorityServiceClient, certificateAuthorityParent) != State.DISABLED) {
System.out.println("Unable to restore the Certificate Authority! Please try again !" + response.getError());
return;
}
// The CA will be in the DISABLED state. Enable before use.
System.out.println("Successfully restored the Certificate Authority ! " + certificateAuthorityName);
}
}
Aggregations