Search in sources :

Example 46 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorCertAT method requestCertificate.

@Test
void requestCertificate() throws VCertException, UnknownHostException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
}
Also used : ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 47 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorCertAT method privateKeyPKCSTest.

@Test
void privateKeyPKCSTest() throws VCertException, UnknownHostException, IOException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    // By default the DataFormat of the CertificateRequest is PKCS8
    CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKeyPKCS8 = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key in PKCS8 Encrypted
    String privateKeyPKCS8AsEncryptedPem = pemCollectionRSAPrivateKeyPKCS8.pemPrivateKey();
    PemObject privateKeyPKCS8AsPemObject = new PemReader(new StringReader(privateKeyPKCS8AsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS8 Encrypted
    assertThat(pemCollectionRSAPrivateKeyPKCS8.privateKey()).isNotNull();
    assertTrue(privateKeyPKCS8AsPemObject.getType().equals(TestUtils.PEM_HEADER_PKCS8_ENCRYPTED));
    // changing to data format Legacy in order to get the PrivateKey in PKCS1
    certificateRequest.dataFormat(DataFormat.LEGACY);
    // Retrieving the PemCollection
    PEMCollection pemCollectionRSAPrivateKey = connector.retrieveCertificate(certificateRequest);
    // getting the PrivateKey as PEM which should be a RSA Private Key Encrypted
    String privateKeyRSAAsEncryptedPem = pemCollectionRSAPrivateKey.pemPrivateKey();
    PemObject privateKeyRSAAsPemObject = new PemReader(new StringReader(privateKeyRSAAsEncryptedPem)).readPemObject();
    // evaluating that the private Key is in PKCS1 Encrypted
    assertThat(pemCollectionRSAPrivateKey.privateKey()).isNotNull();
    assertTrue(privateKeyRSAAsPemObject.getHeaders().stream().anyMatch(header -> TestUtils.PEM_RSA_PRIVATE_KEY_ENCRYPTED_HEADER_VALUE.equals(((PemHeader) header).getValue())));
}
Also used : Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) X509Certificate(java.security.cert.X509Certificate) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) Date(java.util.Date) KeyType(com.venafi.vcert.sdk.certificate.KeyType) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) LocalDateTime(java.time.LocalDateTime) LoggerFactory(org.slf4j.LoggerFactory) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) PemHeader(org.bouncycastle.util.io.pem.PemHeader) TestUtils(com.venafi.vcert.sdk.TestUtils) CsrOriginOption(com.venafi.vcert.sdk.certificate.CsrOriginOption) CertificateNotFoundByThumbprintException(com.venafi.vcert.sdk.connectors.ConnectorException.CertificateNotFoundByThumbprintException) RegisterExtension(org.junit.jupiter.api.extension.RegisterExtension) ZoneOffset(java.time.ZoneOffset) VCertUtils(com.venafi.vcert.sdk.utils.VCertUtils) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) Logger(org.slf4j.Logger) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) Instant(java.time.Instant) UnknownHostException(java.net.UnknownHostException) VCertException(com.venafi.vcert.sdk.VCertException) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) DisplayName(org.junit.jupiter.api.DisplayName) Test(org.junit.jupiter.api.Test) DataFormat(com.venafi.vcert.sdk.certificate.DataFormat) StringReader(java.io.StringReader) LocalDate(java.time.LocalDate) DigestUtils(org.apache.commons.codec.digest.DigestUtils) RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) PemObject(org.bouncycastle.util.io.pem.PemObject) PemReader(org.bouncycastle.util.io.pem.PemReader) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 48 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorCertAT method createCertificateValidateValidityHours.

@Test
@DisplayName("Create a certificate and validate specified validity hours - Cloud")
public void createCertificateValidateValidityHours() throws VCertException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().keyType(KeyType.RSA).validityHours(TestUtils.VALID_HOURS);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    connector.requestCertificate(certificateRequest, zoneConfiguration);
    // Retrieve PEM collection from Venafi
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    Date notAfter = pemCollection.certificate().getNotAfter();
    LocalDate notAfterDate = notAfter.toInstant().atOffset(ZoneOffset.UTC).toLocalDate();
    Instant now = Instant.now();
    LocalDateTime utcDateTime = LocalDateTime.ofInstant(now, ZoneOffset.UTC);
    int validityDays = VCertUtils.getValidityDays(TestUtils.VALID_HOURS);
    utcDateTime = utcDateTime.plusDays(validityDays);
    LocalDate nowDateInUTC = utcDateTime.toLocalDate();
    // Dates should be equals if not then it will fail
    assertTrue(notAfterDate.compareTo(nowDateInUTC) == 0);
}
Also used : LocalDateTime(java.time.LocalDateTime) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) Instant(java.time.Instant) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) LocalDate(java.time.LocalDate) Date(java.util.Date) LocalDate(java.time.LocalDate) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 49 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorCertAT method requestCertificateUnrestricted.

@Test
void requestCertificateUnrestricted() throws VCertException, UnknownHostException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().keyType(KeyType.RSA).keyLength(2048);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
}
Also used : ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 50 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class ZoneConfigurationTest method invalidCNMatch.

@Test
@DisplayName("Expect CN not to match with a termination")
void invalidCNMatch() throws VCertException {
    final ZoneConfiguration zoneConfiguration = getBaseZoneConfiguration();
    final CertificateRequest certificateRequest = getDefaultCertificateRequest();
    certificateRequest.subject().commonName("vcert.text.vfidev.com.example");
    final Throwable exception = assertThrows(VCertException.class, () -> zoneConfiguration.validateCertificateRequest(certificateRequest));
    assertThat(exception.getMessage()).contains("CN does not match any of the allowed CN");
}
Also used : ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Aggregations

CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)53 Test (org.junit.jupiter.api.Test)44 ZoneConfiguration (com.venafi.vcert.sdk.connectors.ZoneConfiguration)43 DisplayName (org.junit.jupiter.api.DisplayName)24 PEMCollection (com.venafi.vcert.sdk.certificate.PEMCollection)20 RenewalRequest (com.venafi.vcert.sdk.certificate.RenewalRequest)9 Authentication (com.venafi.vcert.sdk.endpoint.Authentication)8 StringReader (java.io.StringReader)8 FeignException (feign.FeignException)7 X509Certificate (java.security.cert.X509Certificate)7 RevocationRequest (com.venafi.vcert.sdk.certificate.RevocationRequest)6 VCertException (com.venafi.vcert.sdk.VCertException)5 IOException (java.io.IOException)5 ArrayList (java.util.ArrayList)5 PEMParser (org.bouncycastle.openssl.PEMParser)5 CsrOriginOption (com.venafi.vcert.sdk.certificate.CsrOriginOption)4 DataFormat (com.venafi.vcert.sdk.certificate.DataFormat)4 Instant (java.time.Instant)4 BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)4 PKCS10CertificationRequest (org.bouncycastle.pkcs.PKCS10CertificationRequest)4