use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppConnectorCertAT method createCertificateValidateValidityHours.
@Test
@DisplayName("Create a cerfiticate and validate specified validity hours - TPP")
void createCertificateValidateValidityHours() throws UnknownHostException, VCertException {
    // Acceptance test: request a certificate with an explicit validity period and
    // check that the issued certificate expires on the matching calendar date.
    TppConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    // Start from the shared test request, then add the requested lifetime and issuer hint.
    CertificateRequest request = connectorResource.certificateRequest()
            .validityHours(TestUtils.VALID_HOURS)
            .issuerHint("MICROSOFT");
    request = connector.generateRequest(zoneConfiguration, request);

    // Submit the request, then fetch the issued certificate as a PEM collection.
    connector.requestCertificate(request, zoneConfiguration);
    PEMCollection issued = connector.retrieveCertificate(request);

    // Expiry of the issued certificate, reduced to a calendar date in UTC.
    LocalDate actualExpiry = issued.certificate().getNotAfter()
            .toInstant()
            .atOffset(ZoneOffset.UTC)
            .toLocalDate();

    // Expected expiry: the current UTC date plus the requested validity in days.
    // NOTE(review): the clock is sampled after issuance and only dates are compared,
    // so a run that straddles midnight UTC could presumably fail; confirm whether
    // that is acceptable for this suite.
    LocalDateTime issuedAround = LocalDateTime.ofInstant(Instant.now(), ZoneOffset.UTC);
    int validityDays = VCertUtils.getValidityDays(TestUtils.VALID_HOURS);
    LocalDate expectedExpiry = issuedAround.plusDays(validityDays).toLocalDate();

    // The granted lifetime must match the requested one exactly at day granularity.
    assertTrue(actualExpiry.isEqual(expectedExpiry));
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppConnectorCertAT method renewCertificate.
@Test
void renewCertificate() throws VCertException, UnknownHostException, SocketException, CertificateException, NoSuchAlgorithmException {
    // Acceptance test: issue a certificate, then ask for its renewal, naming the
    // certificate to renew by its thumbprint.
    TppConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    // NOTE(review): generateRequest is applied twice to the same request here;
    // confirm whether the second call is intentional.
    CertificateRequest issuedRequest =
            connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    issuedRequest = connector.generateRequest(zoneConfiguration, issuedRequest);

    String certificateId = connector.requestCertificate(issuedRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();

    PEMCollection issued = connector.retrieveCertificate(issuedRequest);
    X509Certificate cert = (X509Certificate) issued.certificate();

    // Upper-case hex SHA-1 of the encoded certificate, passed as the renewal's thumbprint.
    // NOTE(review): SHA-1 acts as a lookup identifier here; it is not collision
    // resistant, so it should not be treated as an integrity or authenticity check.
    String thumbprint = DigestUtils.sha1Hex(cert.getEncoded()).toUpperCase();

    // The renewal request copies subject, SANs and key parameters from the original.
    CertificateRequest renewal = new CertificateRequest()
            .subject(issuedRequest.subject())
            .dnsNames(issuedRequest.dnsNames())
            .ipAddresses(issuedRequest.ipAddresses())
            .keyType(issuedRequest.keyType())
            .keyLength(issuedRequest.keyLength());
    connector.generateRequest(zoneConfiguration, renewal);

    RenewalRequest renewalRequest = new RenewalRequest().request(renewal).thumbprint(thumbprint);
    String renewRequestId = connector.renewCertificate(renewalRequest);
    assertThat(renewRequestId).isNotNull();
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppConnectorTest method requestCertificate.
@Test
@DisplayName("Request a certificate from TPP")
void requestCertificate() throws VCertException {
    // Unit test against a mocked TPP client: the zone policy and the request
    // response are stubbed, and the test checks that the stubbed id is returned.
    Security.addProvider(new BouncyCastleProvider());

    // Stub the zone-configuration lookup for the policy DN derived from "myZone".
    TppConnector.ReadZoneConfigurationRequest expectedZoneRequest =
            new TppConnector.ReadZoneConfigurationRequest("\\VED\\Policy\\myZone");
    when(tpp.readZoneConfiguration(eq(expectedZoneRequest), eq(API_KEY)))
            .thenReturn(new TppConnector.ReadZoneConfigurationResponse()
                    .policy(new ServerPolicy()
                            .subject(new ServerPolicy.Subject()
                                    .organizationalUnit(new LockableValues<String>(false, Collections.singletonList("OU")))
                                    .state(new LockableValue<>(false, "state"))
                                    .city(new LockableValue<>(false, "city"))
                                    .country(new LockableValue<>(false, "country"))
                                    .organization(new LockableValue<>(false, "organization")))
                            .keyPair(new ServerPolicy.KeyPair(
                                    new LockableValue<>(false, "keyAlgo"),
                                    new LockableValue<>(false, 1024),
                                    null))));

    // Stub the certificate request call to answer with a fixed DN.
    when(tpp.requestCertificate(any(TppConnector.CertificateRequestsPayload.class), eq(API_KEY)))
            .thenReturn(new Tpp.CertificateRequestResponse().certificateDN("reqId"));

    String zoneTag = "myZone";
    ZoneConfiguration policyZone = classUnderTest.readZoneConfiguration(classUnderTest.getPolicyDN(zoneTag));

    // Unique common name per run: epoch seconds plus four random lower-case letters.
    String commonName = String.format(
            "t%d-%s.venafi.xample.com",
            Instant.now().getEpochSecond(),
            RandomStringUtils.randomAlphabetic(4).toLowerCase());

    // NOTE(review): the 512-bit key length (and the 1024 in the stubbed policy) are
    // fixtures for a mocked server; sizes this small are far below what a real
    // request should use and should not be copied outside tests.
    CertificateRequest certificateRequest = new CertificateRequest()
            .subject(new CertificateRequest.PKIXName()
                    .commonName(commonName)
                    .organization(Collections.singletonList("Venafi, Inc."))
                    .organizationalUnit(Collections.singletonList("Automated Tests"))
                    .locality(Collections.singletonList("Las Vegas"))
                    .province(Collections.singletonList("Nevada"))
                    .country(Collections.singletonList("US")))
            .friendlyName(commonName)
            .keyLength(512);
    classUnderTest.generateRequest(policyZone, certificateRequest);

    // NOTE(review): the message uses a %s placeholder; whether it is substituted
    // depends on the logger implementation, which is not visible here.
    logger.info("getPolicyDN(ZoneTag) = %s", classUnderTest.getPolicyDN(zoneTag));

    // A fresh configuration carrying only the zone id is used for the submit call.
    ZoneConfiguration submitZone = new ZoneConfiguration();
    submitZone.zoneId(classUnderTest.getPolicyDN(zoneTag));

    String requestId = classUnderTest.requestCertificate(certificateRequest, submitZone);
    assertEquals("reqId", requestId);
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppTokenConnectorCertAT method renewCertificate.
@Test
void renewCertificate() throws VCertException, UnknownHostException, SocketException, CertificateException, NoSuchAlgorithmException {
    // Acceptance test (token-authenticated connector): issue a certificate, then
    // request its renewal, naming the certificate to renew by its thumbprint.
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    CertificateRequest issuedRequest =
            connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(issuedRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();

    PEMCollection issued = connector.retrieveCertificate(issuedRequest);
    X509Certificate cert = (X509Certificate) issued.certificate();

    // Upper-case hex SHA-1 of the encoded certificate, passed as the renewal's thumbprint.
    // NOTE(review): SHA-1 acts as a lookup identifier here; it is not collision
    // resistant, so it should not be treated as an integrity or authenticity check.
    String thumbprint = DigestUtils.sha1Hex(cert.getEncoded()).toUpperCase();

    // The renewal request copies subject, SANs and key parameters from the original.
    CertificateRequest renewal = new CertificateRequest()
            .subject(issuedRequest.subject())
            .dnsNames(issuedRequest.dnsNames())
            .ipAddresses(issuedRequest.ipAddresses())
            .keyType(issuedRequest.keyType())
            .keyLength(issuedRequest.keyLength());
    connector.generateRequest(zoneConfiguration, renewal);

    RenewalRequest renewalRequest = new RenewalRequest().request(renewal).thumbprint(thumbprint);
    String renewRequestId = connector.renewCertificate(renewalRequest);
    assertThat(renewRequestId).isNotNull();
}
use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.
the class TppTokenConnectorCertAT method revokeCertificate.
@Test
void revokeCertificate() throws VCertException, SocketException, UnknownHostException {
    // Acceptance test (token-authenticated connector): issue a certificate and then
    // revoke it. There is no assertion after the revoke call, so the test passes
    // when revokeCertificate completes without throwing.
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    CertificateRequest request =
            connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(request, zoneConfiguration);
    assertThat(certificateId).isNotNull();

    // The result is discarded; the call is only used to wait until issuance has finished.
    connector.retrieveCertificate(request);

    // Revoke by the request's pickup id, giving key compromise as the reason.
    RevocationRequest revocation = new RevocationRequest();
    revocation.reason("key-compromise");
    revocation.certificateDN(request.pickupId());
    connector.revokeCertificate(revocation);
}