
Example 36 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorTest method requestCertificate.

/**
 * Requests a certificate through the cloud connector with every back-end call stubbed, and
 * checks that the id of the created certificate request is returned to the caller.
 */
@Test
void requestCertificate() throws VCertException {
    Security.addProvider(new BouncyCastleProvider());
    // Dummy, UUID-shaped key. `cloud` is only stubbed through when(...) here, so it is
    // presumably a Mockito mock and the key never reaches a real endpoint.
    String apiKey = "12345678-1234-1234-1234-123456789012";

    // Issuing template (policy) returned by the stubbed zone lookup below.
    CertificateIssuingTemplate template = new CertificateIssuingTemplate();
    template.id("15c7e3f0-ff0a-11e9-a3f0-2b5db8116980");
    template.keyTypes(Arrays.asList(new AllowedKeyType("RSA", Arrays.asList(2048))));
    template.keyReuse(true);
    // NOTE(review): the dots in these patterns are unescaped, so "^.*.example.com$" also
    // accepts a name such as "badexample.com". Harmless for this fixture (the CN under test
    // is "random name"), but a real policy should escape the dots to stay as narrow as intended.
    template.subjectCNRegexes(Arrays.asList(
            "^random name$",
            "^.*.example.com$",
            "^.*.example.org$",
            "^.*.example.net$",
            "^.*.invalid$",
            "^.*.local$",
            "^.*.localhost$",
            "^.*.test$"));
    // O and OU accept any value; the remaining subject/SAN constraints are left empty.
    template.subjectORegexes(Arrays.asList("^.*$"));
    template.subjectOURegexes(Arrays.asList("^.*$"));
    template.subjectSTRegexes(Arrays.asList());
    template.subjectLRegexes(Arrays.asList());
    template.subjectCValues(Arrays.asList());
    template.sanDnsNameRegexes(Arrays.asList());

    Application app = new Application();
    app.id("d3d7e270-545b-11eb-a494-893c4e1e4fad");

    // Stub the three back-end calls made for zone "test_app\test_zone".
    when(cloud.applicationByName(eq("test_app"), eq(apiKey))).thenReturn(app);
    when(cloud.certificateIssuingTemplateByAppNameAndCitAlias(eq("test_app"), eq("test_zone"), eq(apiKey)))
            .thenReturn(template);
    // TODO (left open by the original author): the payload is matched with any(...), so the
    // content of the submitted request is not verified by this test.
    CloudConnector.CertificateRequestsResponse stubbedResponse =
            new CloudConnector.CertificateRequestsResponse()
                    .certificateRequests(singletonList(new CloudConnector.CertificateRequestsResponseData().id("jackpot")));
    when(cloud.certificateRequest(eq(apiKey), any(CloudConnector.CertificateRequestsPayload.class)))
            .thenReturn(stubbedResponse);

    CertificateRequest.PKIXName subjectName = new CertificateRequest.PKIXName()
            .commonName("random name")
            .organization(singletonList("Venafi, Inc."))
            .organizationalUnit(singletonList("Automated Tests"));
    CertificateRequest request = new CertificateRequest().subject(subjectName);

    classUnderTest.authenticate(new Authentication(null, null, apiKey));
    ZoneConfiguration zone = classUnderTest.readZoneConfiguration("test_app\\test_zone");
    classUnderTest.generateRequest(zone, request);

    String requestId = classUnderTest.requestCertificate(request, zone);
    assertThat(requestId).isEqualTo("jackpot");
}
Also used : CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) AllowedKeyType(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate.AllowedKeyType) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Application(com.venafi.vcert.sdk.connectors.cloud.domain.Application) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Test(org.junit.jupiter.api.Test)

Example 37 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorTest method retrieveCertificate.

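/**
 * Retrieves an issued certificate through the cloud connector with every back-end call stubbed,
 * and checks that the returned collection carries the certificate, the caller's private key
 * and the key password that was set on the request.
 */
@Test
void retrieveCertificate() throws VCertException, IOException {
    Security.addProvider(new BouncyCastleProvider());
    // Dummy, UUID-shaped key; the `cloud` calls below are stubbed, so it is not sent anywhere.
    String apiKey = "12345678-1234-1234-1234-123456789012";
    final Authentication auth = new Authentication(null, null, apiKey);
    classUnderTest.authenticate(auth);

    // Test fixture holding a certificate together with its private key.
    String body = readResourceAsString("certificates/certWithKey.pem");
    PEMCollection pemCollection = PEMCollection.fromStringPEMCollection(body, ChainOption.ChainOptionIgnore, null, null);

    CertificateRequest request = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName("random name").organization(singletonList("Venafi, Inc.")).organizationalUnit(singletonList("Automated Tests")));
    // The request carries the fixture's key pair and a key password; the assertions at the end
    // check that both come back in the retrieved collection.
    request.pickupId("jackpot").keyType(KeyType.RSA).keyPair(new KeyPair(pemCollection.certificate().getPublicKey(), pemCollection.privateKey())).keyPassword(KEY_SECRET);

    List<String> certificateIds = new ArrayList<>();
    certificateIds.add("jackpot");
    CertificateStatus status = new CertificateStatus().status("ISSUED").certificateIds(certificateIds);
    CertificateDetails certificateDetails = new CertificateDetails().dekHash("12345");
    EdgeEncryptionKey edgeEncryptionKey = new EdgeEncryptionKey();

    // The original also invoked cloud.certificateDetails(eq(...), eq(...)) on its own here, outside
    // when(...). That call stubbed nothing and used argument matchers outside stubbing or
    // verification, so it has been dropped; the real stubbing of certificateDetails is below.
    when(cloud.certificateStatus(eq("jackpot"), eq(apiKey))).thenReturn(status);
    // Canned HTTP 200 response whose body is the PEM fixture; "http://localhost" is only the
    // URL recorded on the placeholder request object.
    when(cloud.retrieveCertificate(eq("jackpot"), eq(apiKey), eq("ROOT_FIRST"))).thenReturn(Response.builder().request(Request.create(Request.HttpMethod.GET, "http://localhost", new HashMap<String, Collection<String>>(), null, null)).status(200).body(body, Charset.forName("UTF-8")).build());
    when(cloud.certificateDetails(eq("jackpot"), eq(apiKey))).thenReturn(certificateDetails);
    // The DEK hash from the stubbed certificate details ("12345") keys the encryption-key lookup.
    when(cloud.retrieveEdgeEncryptionKey(eq("12345"), eq(apiKey))).thenReturn(edgeEncryptionKey);

    PEMCollection retrieved = classUnderTest.retrieveCertificate(request);
    assertThat(retrieved).isNotNull();
    assertThat(retrieved.certificate()).isNotNull();
    assertThat(retrieved.privateKey()).isNotNull();
    assertThat(retrieved.privateKeyPassword()).isEqualTo(KEY_SECRET);
}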
Also used : KeyPair(java.security.KeyPair) HashMap(java.util.HashMap) CertificateStatus(com.venafi.vcert.sdk.certificate.CertificateStatus) CertificateDetails(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateDetails) ArrayList(java.util.ArrayList) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) EdgeEncryptionKey(com.venafi.vcert.sdk.connectors.cloud.domain.EdgeEncryptionKey) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Test(org.junit.jupiter.api.Test)

Example 38 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class TppConnectorAT method generateRequest.

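/**
 * Generates a CSR through the TPP connector and checks that the requested common name is
 * present in the subject of the resulting PKCS#10 request.
 */
@Test
void generateRequest() throws VCertException, IOException {
    String commonName = TestUtils.randomCN();
    ZoneConfiguration zoneConfiguration = connectorResource.connector().readZoneConfiguration(TestUtils.TPP_ZONE);
    // The local host name and the test IPs are requested as subject alternative names.
    CertificateRequest certificateRequest = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName(commonName).organization(Collections.singletonList("Venafi, Inc.")).organizationalUnit(Arrays.asList("Engineering", "Automated Tests")).country(Collections.singletonList("US")).locality(Collections.singletonList("SLC")).province(Collections.singletonList("Utah"))).dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName())).ipAddresses(getTestIps()).keyType(KeyType.RSA).keyLength(2048);
    certificateRequest = connectorResource.connector().generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();

    // Decode the PEM bytes with an explicit charset instead of the platform default, and close
    // the parser once the single object has been read.
    PKCS10CertificationRequest request;
    try (PEMParser parser = new PEMParser(new StringReader(new String(certificateRequest.csr(), java.nio.charset.StandardCharsets.UTF_8)))) {
        request = (PKCS10CertificationRequest) parser.readObject();
    }
    // readObject() returns null when the input holds no PEM object; fail with a clear message
    // rather than a NullPointerException on the next line.
    assertThat(request).isNotNull();

    // Values overridden by policy which is why they don't match the above values,
    // so only the common name is asserted.
    String subject = request.getSubject().toString();
    assertThat(subject).contains(format("CN=%s", commonName));
}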
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMParser(org.bouncycastle.openssl.PEMParser) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 39 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class TppConnectorCertAT method revokeCertificate.

/**
 * Issues a certificate through the TPP connector and then revokes it.
 * No assertion follows the revoke call, so the test passes as long as
 * {@code revokeCertificate} does not throw.
 */
@Test
void revokeCertificate() throws VCertException, SocketException, UnknownHostException {
    TppConnector tpp = connectorResource.connector();
    ZoneConfiguration zone = connectorResource.zoneConfiguration();
    CertificateRequest issued = tpp.generateRequest(zone, connectorResource.certificateRequest());

    String issuedId = tpp.requestCertificate(issued, zone);
    assertThat(issuedId).isNotNull();

    // The returned certificate is not used; the call is made only to wait for issuance
    // before revoking.
    tpp.retrieveCertificate(issued);

    // Revoke with reason "key-compromise"; the request's pickup id is passed as the
    // certificate DN.
    RevocationRequest revocation = new RevocationRequest();
    revocation.reason("key-compromise");
    revocation.certificateDN(issued.pickupId());
    tpp.revokeCertificate(revocation);
}
Also used : RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 40 with CertificateRequest

use of com.venafi.vcert.sdk.certificate.CertificateRequest in project vcert-java by Venafi.

the class CloudConnectorAT method generateRequest.

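/**
 * Generates a CSR through the cloud connector and checks that every requested subject
 * attribute (CN, O, OU, C, L, ST) appears in the resulting PKCS#10 request.
 */
@Test
void generateRequest() throws VCertException, IOException {
    String commonName = TestUtils.randomCN();
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connector.readZoneConfiguration(TestUtils.CLOUD_ZONE);
    // The local host name is requested as a DNS subject alternative name.
    CertificateRequest certificateRequest = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName(commonName).organization(Collections.singletonList("Venafi, Inc.")).organizationalUnit(Arrays.asList("Engineering", "Automated Tests")).country(Collections.singletonList("US")).locality(Collections.singletonList("SLC")).province(Collections.singletonList("Utah"))).dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName())).keyType(KeyType.RSA);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();

    // Close the parser once the single PEM object has been read.
    PKCS10CertificationRequest request;
    try (PEMParser parser = new PEMParser(new StringReader(Strings.fromByteArray(certificateRequest.csr())))) {
        request = (PKCS10CertificationRequest) parser.readObject();
    }
    // readObject() returns null when the input holds no PEM object; fail with a clear message
    // rather than a NullPointerException on the next line.
    assertThat(request).isNotNull();

    String subject = request.getSubject().toString();
    assertThat(subject).contains(String.format("CN=%s", commonName));
    // The comma inside the organization value is backslash-escaped in the subject string.
    assertThat(subject).contains("O=Venafi\\, Inc.");
    assertThat(subject).contains("OU=Engineering");
    assertThat(subject).contains("OU=Automated Tests");
    assertThat(subject).contains("C=US");
    assertThat(subject).contains("L=SLC");
    assertThat(subject).contains("ST=Utah");
}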
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMParser(org.bouncycastle.openssl.PEMParser) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)
