
Example 6 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class TppTokenConnectorCertAT method createCertificateValidateValidityHours.

@Test
@DisplayName("Create a certificate that contains custom fields and validate that the certificate was created correctly")
void createCertificateValidateValidityHours() throws UnknownHostException, VCertException {
    // Custom fields
    List<CustomField> customFields = new ArrayList<CustomField>();
    customFields.add(new CustomField("custom", "java-test"));
    customFields.add(new CustomField("cfList", "item2"));
    customFields.add(new CustomField("cfListMulti", "tier1"));
    customFields.add(new CustomField("cfListMulti", "tier2"));
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().customFields(customFields);
    // Generate the CSR from the request that carries the custom fields
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    // Submit the certificate request
    connector.requestCertificate(certificateRequest, zoneConfiguration);
    // Retrieve PEM collection from Venafi
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    // At this point the certificate must have been created: the request fails if any custom field
    // is unsupported or not defined on TPP, so it is enough to check that a certificate was returned.
    assertTrue(pemCollection.certificate() != null);
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) CustomField(com.venafi.vcert.sdk.certificate.CustomField) ArrayList(java.util.ArrayList) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 7 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorIT method generateRequest.

@Test
void generateRequest() throws VCertException, IOException {
    ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration("test_app\\test_zone");
    String commonName = TestUtils.randomCN();
    CertificateRequest certificateRequest = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName(commonName)).dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName()));
    CertificateRequest request = classUnderTest.generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();
    try (PEMParser pemParser = new PEMParser(new StringReader(Strings.fromByteArray(request.csr())))) {
        PKCS10CertificationRequest pkcs10Request = (PKCS10CertificationRequest) pemParser.readObject();
        String subject = pkcs10Request.getSubject().toString();
        assertThat(subject).contains(String.format("CN=%s", commonName));
        assertThat(subject).contains("O=Venafi Inc.");
        assertThat(subject).contains("OU=Integrations");
        assertThat(subject).contains("C=US");
        assertThat(subject).contains("L=Salt Lake");
        assertThat(subject).contains("ST=Utah");
        assertThat(certificateRequest.privateKey()).isInstanceOf(RSAPrivateKey.class);
        assertThat(((RSAPrivateKey) certificateRequest.privateKey()).getModulus().bitLength()).isEqualTo(4096);
    }
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMParser(org.bouncycastle.openssl.PEMParser) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 8 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorCertAT method retrieveCertificateCSRProvided.

@Test
void retrieveCertificateCSRProvided() throws VCertException, UnknownHostException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().keyType(KeyType.RSA);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    certificateRequest.pickupId(certificateId);
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    assertThat(pemCollection.certificate()).isNotNull();
    assertThat(pemCollection.chain()).hasSize(2);
    assertThat(pemCollection.privateKey()).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 9 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorCertAT method renewCertificate.

@Test
void renewCertificate() throws VCertException, UnknownHostException, CertificateException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    X509Certificate cert = (X509Certificate) pemCollection.certificate();
    // SHA-1 thumbprint of the DER-encoded certificate, used to look up the certificate to renew
    String thumbprint = DigestUtils.sha1Hex(cert.getEncoded()).toUpperCase();
    CertificateRequest certificateRequestToRenew = new CertificateRequest().subject(certificateRequest.subject()).dnsNames(certificateRequest.dnsNames());
    connector.generateRequest(zoneConfiguration, certificateRequestToRenew);
    String renewRequestId = null;
    try {
        renewRequestId = connector.renewCertificate(new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    } catch (CertificateNotFoundByThumbprintException e) {
        // Wait 5 seconds and retry once: the certificate is most likely not ready yet at this point
        logger.warn("Failed to renew the certificate, most likely because it is not ready yet. Waiting 5 sec to attempt one more time...");
        try {
            Thread.sleep(5000);
        } catch (InterruptedException e1) {
            e1.printStackTrace();
        }
        renewRequestId = connector.renewCertificate(new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    }
    assertThat(renewRequestId).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) CertificateNotFoundByThumbprintException(com.venafi.vcert.sdk.connectors.ConnectorException.CertificateNotFoundByThumbprintException) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.jupiter.api.Test)

Example 10 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorCertAT method retrieveCertificateServiceGeneratedCSR.

@Test
void retrieveCertificateServiceGeneratedCSR() throws VCertException, UnknownHostException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
    // For a service-generated CSR there is no need to call the generateRequest() method
    // certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();
    certificateRequest.pickupId(pickupId);
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    assertThat(pemCollection.certificate()).isNotNull();
    assertThat(pemCollection.chain()).hasSize(2);
    assertThat(pemCollection.privateKey()).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)
