use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class CloudConnectorCertAT method requestCertificate.
@Test
void requestCertificate() throws VCertException, UnknownHostException {
CloudConnector connector = connectorResource.connector();
ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
CertificateRequest certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
assertThat(certificateId).isNotNull();
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class CloudConnectorCertAT method privateKeyPKCSTest.
@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
CloudConnector connector = connectorResource.connector();
ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
// By default the DataFormat of the CertificateRequest is PKCS8
CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
assertThat(pickupId).isNotNull();
// Retrieving the PemCollection
PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
// getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
// evaluating that the private Key is in PKCS8 Encrypted
assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
// changing to data format Legacy in order to get the PrivateKey in PKCS1
certificateRequest.dataFormat(DataFormat.LEGACY);
// Retrieving the PemCollection
PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
// getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
// evaluating that the private Key is in PKCS1 Encrypted
assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class CloudConnectorCertAT method createCertificateValidateValidityHours.
@Test
@DisplayName("Create a certificate and validate specified validity hours - Cloud")
public void createCertificateValidateValidityHours() throws VCertException {
CloudConnector connector = connectorResource.connector();
ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
CertificateRequest certificateRequest = connectorResource.certificateRequest().keyType(KeyType.RSA).validityHours(TestUtils.VALID_HOURS);
certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
connector.requestCertificate(certificateRequest, zoneConfiguration);
// Retrieve PEM collection from Venafi
PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
Date notAfter = pemCollection.certificate().getNotAfter();
LocalDate notAfterDate = notAfter.toInstant().atOffset(ZoneOffset.UTC).toLocalDate();
Instant now = Instant.now();
LocalDateTime utcDateTime = LocalDateTime.ofInstant(now, ZoneOffset.UTC);
int validityDays = VCertUtils.getValidityDays(TestUtils.VALID_HOURS);
utcDateTime = utcDateTime.plusDays(validityDays);
LocalDate nowDateInUTC = utcDateTime.toLocalDate();
// Dates should be equals if not then it will fail
assertTrue(notAfterDate.compareTo(nowDateInUTC) == 0);
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class CloudConnectorCertAT method requestCertificateUnrestricted.
@Test
void requestCertificateUnrestricted() throws VCertException, UnknownHostException {
CloudConnector connector = connectorResource.connector();
ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
CertificateRequest certificateRequest = connectorResource.certificateRequest().keyType(KeyType.RSA).keyLength(2048);
certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
assertThat(certificateId).isNotNull();
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class ZoneConfigurationTest method invalidCNMatch.
@Test
@DisplayName("Expect CN not to match with a termination")
void invalidCNMatch() throws VCertException {
final ZoneConfiguration zoneConfiguration = getBaseZoneConfiguration();
final CertificateRequest certificateRequest = getDefaultCertificateRequest();
certificateRequest.subject().commonName("vcert.text.vfidev.com.example");
final Throwable exception = assertThrows(VCertException.class, () -> zoneConfiguration.validateCertificateRequest(certificateRequest));
assertThat(exception.getMessage()).contains("CN does not match any of the allowed CN");
}
Aggregations