use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.
the class CloudConnectorCertAT method renewCertificate.
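/**
 * Requests a certificate, retrieves it, and then renews it by thumbprint, asserting that a
 * renewal request id is returned.
 *
 * <p>The thumbprint is the upper-case hex SHA-1 digest of the certificate's DER encoding and is
 * passed to the renewal call as the lookup key. NOTE(review): SHA-1 serves only as an identifier
 * here; it should not be treated as proof that the matched certificate is the intended one.
 *
 * <p>If the first renewal attempt fails with {@code CertificateNotFoundByThumbprintException},
 * the test waits five seconds and tries exactly once more.
 */
@Test
void renewCertificate() throws VCertException, UnknownHostException, CertificateException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    // Enroll and fetch the certificate that will be renewed.
    CertificateRequest certificateRequest =
        connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();

    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    X509Certificate cert = (X509Certificate) pemCollection.certificate();
    String thumbprint = DigestUtils.sha1Hex(cert.getEncoded()).toUpperCase();

    // The renewal request reuses the subject and DNS names of the original request.
    CertificateRequest certificateRequestToRenew = new CertificateRequest()
        .subject(certificateRequest.subject())
        .dnsNames(certificateRequest.dnsNames());
    connector.generateRequest(zoneConfiguration, certificateRequestToRenew);

    String renewRequestId = null;
    try {
        renewRequestId = connector.renewCertificate(
            new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    } catch (CertificateNotFoundByThumbprintException e) {
        // The certificate is most likely not searchable yet; wait five seconds and retry once.
        logger.warn("Failed to renewCertificate, because it's very probably that the Certificate is not ready yet. Waiting 5 sec to attempt one more time...");
        try {
            Thread.sleep(5000);
        } catch (InterruptedException e1) {
            // Restore the interrupt flag instead of printing a stack trace, so the code
            // running this test can still see that the thread was asked to stop.
            Thread.currentThread().interrupt();
            logger.warn("Interrupted while waiting to retry renewCertificate");
        }
        renewRequestId = connector.renewCertificate(
            new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    }
    assertThat(renewRequestId).isNotNull();
}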
use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.
the class CloudConnectorCertAT method retrieveCertificateServiceGeneratedCSR.
/**
 * Enrolls with a service-generated CSR and checks that the retrieved collection holds a
 * certificate, a two-element chain, and a private key.
 *
 * <p>With {@code CsrOriginOption.ServiceGeneratedCSR} the request is sent without calling
 * {@code generateRequest()} first. The key password supplied is the test fixture constant
 * {@code TestUtils.KEY_PASSWORD}. NOTE(review): presumably the service uses it to protect the
 * private key it returns; confirm against the connector.
 */
@Test
void retrieveCertificateServiceGeneratedCSR() throws VCertException, UnknownHostException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    // generateRequest() is intentionally skipped: it is not needed for a service-generated CSR.
    CertificateRequest serviceCsrRequest = connectorResource.certificateRequest()
        .csrOrigin(CsrOriginOption.ServiceGeneratedCSR)
        .keyPassword(TestUtils.KEY_PASSWORD);

    String issuedPickupId = connector.requestCertificate(serviceCsrRequest, zoneConfiguration);
    assertThat(issuedPickupId).isNotNull();

    // Retrieval is keyed on the pickup id returned by the enrollment call.
    serviceCsrRequest.pickupId(issuedPickupId);
    PEMCollection retrieved = connector.retrieveCertificate(serviceCsrRequest);

    assertThat(retrieved.certificate()).isNotNull();
    assertThat(retrieved.chain()).hasSize(2);
    assertThat(retrieved.privateKey()).isNotNull();
}
use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.
the class TppTokenConnectorCertAT method retrieveCertificate.
/**
 * Generates a request locally, enrolls it through the TPP token connector, and checks that the
 * retrieved collection contains both a certificate and a private key.
 */
@Test
void retrieveCertificate() throws VCertException, SocketException, UnknownHostException {
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();

    // generateRequest() returns the request that is used for enrollment and retrieval.
    CertificateRequest template = connectorResource.certificateRequest();
    CertificateRequest preparedRequest = connector.generateRequest(zoneConfiguration, template);

    String certificateId = connector.requestCertificate(preparedRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();

    PEMCollection retrieved = connector.retrieveCertificate(preparedRequest);
    assertThat(retrieved.certificate()).isNotNull();
    assertThat(retrieved.privateKey()).isNotNull();
}
use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.
the class TppConnector method retrieveCertificate.
/**
 * Retrieves the certificate identified by {@code request}, polling every two seconds until the
 * server returns certificate data or the request's timeout is exceeded.
 *
 * <p>The returned data is base64-decoded, parsed into a {@link PEMCollection}, and passed to
 * {@code request.checkCertificate(...)} before being returned.
 *
 * @param request the certificate request; its pickup id may be overwritten by the thumbprint lookup
 * @return the parsed certificate collection
 * @throws VCertException declared for retrieval failures; the visible body throws
 *     {@code CertificateNotFoundByThumbprintException},
 *     {@code MoreThanOneCertificateWithSameThumbprintException},
 *     {@code CertificatePendingException} (timeout is zero and no data yet),
 *     {@code RetrieveCertificateTimeoutException} and {@code AttemptToRetryException}
 */
@Override
public PEMCollection retrieveCertificate(CertificateRequest request) throws VCertException {
    final boolean wantsChain = request.chainOption() != ChainOption.ChainOptionIgnore;
    final boolean rootComesFirst =
        wantsChain && request.chainOption() == ChainOption.ChainOptionRootFirst;

    // NOTE(review): the thumbprint lookup runs only when BOTH pickupId and thumbprint are set,
    // and it then replaces the supplied pickupId. A request with a thumbprint but no pickupId
    // skips the lookup entirely. Confirm whether isBlank(pickupId) was intended.
    if (isNotBlank(request.pickupId()) && isNotBlank(request.thumbprint())) {
        Tpp.CertificateSearchResponse found = searchCertificatesByFingerprint(request.thumbprint());
        final int matchCount = found.certificates().size();
        // The thumbprint must resolve to exactly one certificate; zero or several matches abort.
        if (matchCount == 0) {
            throw new CertificateNotFoundByThumbprintException(request.thumbprint());
        }
        if (matchCount > 1) {
            throw new MoreThanOneCertificateWithSameThumbprintException(request.thumbprint());
        }
        request.pickupId(found.certificates().get(0).certificateRequestId());
    }

    CertificateRetrieveRequest certReq = new CertificateRetrieveRequest()
        .certificateDN(request.pickupId())
        .format(request.dataFormat() == DataFormat.PKCS8 ? PKCS8_DATA_FORMAT : LEGACY_DATA_FORMAT)
        .rootFirstOrder(rootComesFirst)
        .includeChain(wantsChain);

    final boolean wantsPrivateKey =
        request.csrOrigin() == CsrOriginOption.ServiceGeneratedCSR || request.fetchPrivateKey();
    if (wantsPrivateKey) {
        certReq.includePrivateKey(true);
        // From here on certReq carries the key password, so it should be handled as a secret.
        certReq.password(request.keyPassword());
    }

    // TODO move this retry logic to feign client
    final Instant pollingStarted = Instant.now();
    for (;;) {
        Tpp.CertificateRetrieveResponse response = retrieveCertificateOnce(certReq);

        if (isNotBlank(response.certificateData())) {
            // Base64.Decoder.decode throws an unchecked IllegalArgumentException on malformed
            // input, which is not a VCertException.
            byte[] decoded = Base64.getDecoder().decode(response.certificateData());
            String pemText = org.bouncycastle.util.Strings.fromByteArray(decoded);
            PEMCollection parsed = PEMCollection.fromStringPEMCollection(
                pemText,
                request.chainOption(),
                request.privateKey(),
                request.keyPassword(),
                request.dataFormat());
            // NOTE(review): presumably verifies that the returned certificate matches the
            // request; confirm in CertificateRequest.checkCertificate.
            request.checkCertificate(parsed.certificate());
            return parsed;
        }

        // No data yet: a zero timeout means "do not wait", so report the certificate as pending.
        if (ZERO.equals(request.timeout())) {
            throw new CertificatePendingException(request.pickupId());
        }
        if (Instant.now().isAfter(pollingStarted.plus(request.timeout()))) {
            throw new RetrieveCertificateTimeoutException(request.pickupId());
        }

        try {
            TimeUnit.SECONDS.sleep(2);
        } catch (InterruptedException e) {
            // Restore the interrupt flag before giving up on the retry.
            Thread.currentThread().interrupt();
            throw new AttemptToRetryException(e);
        }
    }
}
use of com.venafi.vcert.sdk.certificate.PEMCollection in project vcert-java by Venafi.
the class CloudConnector method getCertificateAsPEMCollection.
/**
 * Fetches the certificate for {@code request} with the chain option translated to its VaaS
 * form, then runs {@code request.checkCertificate(...)} on the result before returning it.
 *
 * @param request the certificate request whose chain option selects the chain layout
 * @return the retrieved certificate collection
 * @throws VCertException if retrieval or the certificate check fails
 */
private PEMCollection getCertificateAsPEMCollection(CertificateRequest request) throws VCertException {
    PEMCollection retrieved = getCertificateAsPEMCollection(
        request, CloudConnectorUtils.getVaaSChainOption(request.chainOption()));
    // NOTE(review): presumably verifies that the returned certificate matches the request;
    // confirm in CertificateRequest.checkCertificate.
    request.checkCertificate(retrieved.certificate());
    return retrieved;
}