Search in sources :

Example 6 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppTokenConnectorCertAT method createCertificateValidateValidityHours.

@Test
@DisplayName("Create a cerfiticate that contais custom fields and validate if certifcate were created correctly")
void createCertificateValidateValidityHours() throws UnknownHostException, VCertException {
    // Custom fields
    List<CustomField> customFields = new ArrayList<CustomField>();
    customFields.add(new CustomField("custom", "java-test"));
    customFields.add(new CustomField("cfList", "item2"));
    customFields.add(new CustomField("cfListMulti", "tier1"));
    customFields.add(new CustomField("cfListMulti", "tier2"));
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().customFields(customFields);
    certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    // Submit the certificate request
    connector.requestCertificate(certificateRequest, zoneConfiguration);
    // Retrieve PEM collection from Venafi
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    // At this moment certificate, must be created, it will fail if some custom fields aren't supported or specified on tpp
    // so is enough to validate if certificate is created.
    assertTrue(pemCollection.certificate() != null);
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) CustomField(com.venafi.vcert.sdk.certificate.CustomField) ArrayList(java.util.ArrayList) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 7 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class CloudConnectorIT method generateRequest.

@Test
void generateRequest() throws VCertException, IOException {
    ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration("test_app\\test_zone");
    String commonName = TestUtils.randomCN();
    CertificateRequest certificateRequest = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName(commonName)).dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName()));
    CertificateRequest request = classUnderTest.generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();
    try (PEMParser pemParser = new PEMParser(new StringReader(Strings.fromByteArray(request.csr())))) {
        PKCS10CertificationRequest pkcs10Request = (PKCS10CertificationRequest) pemParser.readObject();
        String subject = pkcs10Request.getSubject().toString();
        assertThat(subject).contains(String.format("CN=%s", commonName));
        assertThat(subject).contains("O=Venafi Inc.");
        assertThat(subject).contains("OU=Integrations");
        assertThat(subject).contains("C=US");
        assertThat(subject).contains("L=Salt Lake");
        assertThat(subject).contains("ST=Utah");
        assertThat(certificateRequest.privateKey()).isInstanceOf(RSAPrivateKey.class);
        assertThat(((RSAPrivateKey) certificateRequest.privateKey()).getModulus().bitLength()).isEqualTo(4096);
    }
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMParser(org.bouncycastle.openssl.PEMParser) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 8 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class CloudConnectorCertAT method retrieveCertificateCSRProvided.

@Test
void retrieveCertificateCSRProvided() throws VCertException, UnknownHostException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().keyType(KeyType.RSA);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    certificateRequest.pickupId(certificateId);
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    assertThat(pemCollection.certificate()).isNotNull();
    assertThat(pemCollection.chain()).hasSize(2);
    assertThat(pemCollection.privateKey()).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 9 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class CloudConnectorCertAT method renewCertificate.

@Test
void renewCertificate() throws VCertException, UnknownHostException, CertificateException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    X509Certificate cert = (X509Certificate) pemCollection.certificate();
    String thumbprint = DigestUtils.sha1Hex(cert.getEncoded()).toUpperCase();
    CertificateRequest certificateRequestToRenew = new CertificateRequest().subject(certificateRequest.subject()).dnsNames(certificateRequest.dnsNames());
    connector.generateRequest(zoneConfiguration, certificateRequestToRenew);
    String renewRequestId = null;
    try {
        renewRequestId = connector.renewCertificate(new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    } catch (CertificateNotFoundByThumbprintException e) {
        // wait for 5 sec, it's very probably that the Certificate is not ready at this point
        logger.warn("Failed to renewCertificate, because it's very probably that the Certificate is not ready yet. Waiting 5 sec to attempt one more time...");
        try {
            Thread.sleep(5000);
        } catch (InterruptedException e1) {
            e1.printStackTrace();
        }
        renewRequestId = connector.renewCertificate(new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    }
    assertThat(renewRequestId).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) CertificateNotFoundByThumbprintException(com.venafi.vcert.sdk.connectors.ConnectorException.CertificateNotFoundByThumbprintException) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.jupiter.api.Test)

Example 10 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class CloudConnectorCertAT method retrieveCertificateServiceGeneratedCSR.

@Test
void retrieveCertificateServiceGeneratedCSR() throws VCertException, UnknownHostException {
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connectorResource.certificateRequest().csrOrigin(CsrOriginOption.ServiceGeneratedCSR).keyPassword(TestUtils.KEY_PASSWORD);
    // For CSR Service Generated Request is not needed to call to generateRequest() method
    // certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String pickupId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(pickupId).isNotNull();
    certificateRequest.pickupId(pickupId);
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    assertThat(pemCollection.certificate()).isNotNull();
    assertThat(pemCollection.chain()).hasSize(2);
    assertThat(pemCollection.privateKey()).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Aggregations

ZoneConfiguration (com.venafi.vcert.sdk.connectors.ZoneConfiguration)50 CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)42 Test (org.junit.jupiter.api.Test)42 DisplayName (org.junit.jupiter.api.DisplayName)20 PEMCollection (com.venafi.vcert.sdk.certificate.PEMCollection)17 RenewalRequest (com.venafi.vcert.sdk.certificate.RenewalRequest)7 StringReader (java.io.StringReader)7 X509Certificate (java.security.cert.X509Certificate)7 RevocationRequest (com.venafi.vcert.sdk.certificate.RevocationRequest)5 Authentication (com.venafi.vcert.sdk.endpoint.Authentication)5 PEMParser (org.bouncycastle.openssl.PEMParser)4 PKCS10CertificationRequest (org.bouncycastle.pkcs.PKCS10CertificationRequest)4 Config (com.venafi.vcert.sdk.Config)3 TestUtils (com.venafi.vcert.sdk.TestUtils)3 VCertException (com.venafi.vcert.sdk.VCertException)3 CsrOriginOption (com.venafi.vcert.sdk.certificate.CsrOriginOption)3 DataFormat (com.venafi.vcert.sdk.certificate.DataFormat)3 ServerPolicy (com.venafi.vcert.sdk.connectors.ServerPolicy)3 FeignException (feign.FeignException)3 IOException (java.io.IOException)3