use of com.venafi.vcert.sdk.certificate.SshCertificateRequest in project vcert-java by Venafi.
the class SshCertificateRequestRetrieveWithOutKeyPairProvided method main.
/**
* @param args
*/
public static void main(String[] args) {
try {
// replace it by the key id value
String keyId = "<KEY_ID>";
// replace it by the CADN or the CA Name
String template = "<TPP_SSH_CA>";
// replace it by the TPP User
String user = "<TPPUSER>";
// replace it by the TPP Password
String password = "<TPPPASSWORD>";
// replace it by the TPP URL
String baseUri = "<TPP_URL>";
// 1. Get a VCertClient for TPP setting the scope to "ssh:manage"
Authentication auth = Authentication.builder().user(user).password(password).scope("ssh:manage").build();
Config config = Config.builder().connectorType(ConnectorType.TPP_TOKEN).baseUrl(baseUri).build();
VCertTknClient client = new VCertTknClient(config);
client.getAccessToken(auth);
// 2. Get an instance of com.venafi.vcert.sdk.certificate.SshCertificateRequest class.
SshCertificateRequest req = new SshCertificateRequest().keyId(keyId).validityPeriod(// if you omit it, then the validity period of the CIT will be used
"4h").template(template);
// 3. Use the VCertClient method requestSshCertificate() to request the creation of a new
// SSH Certificate on TPP. This will return the DN of the created SSH Certificate which
// will be used to retrieve the created SSH Certificate.
String pickUpID = client.requestSshCertificate(req);
// 4. Set the pickUp ID to the SshCertificateRequest created. You can create a new one
// but in order to avoid the boilerplate, it's preferable to use the already one created.
req.pickupID(pickUpID);
// 4a. you can set a passphrase for the Private Key of the KeyPair that will be generated by TPP.
req.privateKeyPassphrase("my-passphrase");
// 5. Use the VCertClient method retrieveSshCertificate() to retrieve the created
// SSH Certificate on TPP. It will return an instance of SshCertRetrieveDetails which
// will contain the Ssh Certificate Data, the Public and Private Keys, etc.
SshCertRetrieveDetails sshCertRetrieveDetails = client.retrieveSshCertificate(req);
client.revokeAccessToken();
} catch (Exception e) {
e.printStackTrace();
}
}
Aggregations