
Example 31 with ZoneConfiguration

Use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi, in class TppConnectorCertAT, method renewCertificate.

@Test
void renewCertificate() throws VCertException, UnknownHostException, SocketException, CertificateException, NoSuchAlgorithmException {
    TppConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    X509Certificate cert = (X509Certificate) pemCollection.certificate();
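    // The renewal request identifies the existing certificate by the uppercase hex SHA-1 digest of its encoded form
    String thumbprint = DigestUtils.sha1Hex(cert.getEncoded()).toUpperCase();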
    CertificateRequest certificateRequestToRenew = new CertificateRequest().subject(certificateRequest.subject()).dnsNames(certificateRequest.dnsNames()).ipAddresses(certificateRequest.ipAddresses()).keyType(certificateRequest.keyType()).keyLength(certificateRequest.keyLength());
    connector.generateRequest(zoneConfiguration, certificateRequestToRenew);
    String renewRequestId = connector.renewCertificate(new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    assertThat(renewRequestId).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.jupiter.api.Test)

Example 32 with ZoneConfiguration

Use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi, in class TppConnectorTest, method requestCertificate.

@Test
@DisplayName("Request a certificate from TPP")
void requestCertificate() throws VCertException {
    Security.addProvider(new BouncyCastleProvider());
    TppConnector.ReadZoneConfigurationRequest expectedRZCRequest = new TppConnector.ReadZoneConfigurationRequest("\\VED\\Policy\\myZone");
    when(tpp.readZoneConfiguration(eq(expectedRZCRequest), eq(API_KEY))).thenReturn(new TppConnector.ReadZoneConfigurationResponse().policy(new ServerPolicy().subject(new ServerPolicy.Subject().organizationalUnit(new LockableValues<String>(false, Collections.singletonList("OU"))).state(new LockableValue<>(false, "state")).city(new LockableValue<>(false, "city")).country(new LockableValue<>(false, "country")).organization(new LockableValue<>(false, "organization"))).keyPair(new ServerPolicy.KeyPair(new LockableValue<>(false, "keyAlgo"), new LockableValue<>(false, 1024), null))));
    when(tpp.requestCertificate(any(TppConnector.CertificateRequestsPayload.class), eq(API_KEY))).thenReturn(new Tpp.CertificateRequestResponse().certificateDN("reqId"));
    String zoneTag = "myZone";
    ZoneConfiguration zoneConfig = classUnderTest.readZoneConfiguration(classUnderTest.getPolicyDN(zoneTag));
    String cn = String.format("t%d-%s.venafi.xample.com", Instant.now().getEpochSecond(), RandomStringUtils.randomAlphabetic(4).toLowerCase());
    // The TPP client is mocked in this test; a 512-bit key length is far too weak for a real certificate request
    CertificateRequest request = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName(cn).organization(Collections.singletonList("Venafi, Inc.")).organizationalUnit(Collections.singletonList("Automated Tests")).locality(Collections.singletonList("Las Vegas")).province(Collections.singletonList("Nevada")).country(Collections.singletonList("US"))).friendlyName(cn).keyLength(512);
    classUnderTest.generateRequest(zoneConfig, request);
    logger.info("getPolicyDN(ZoneTag) = %s", classUnderTest.getPolicyDN(zoneTag));
    ZoneConfiguration zoneConfiguration = new ZoneConfiguration();
    zoneConfiguration.zoneId(classUnderTest.getPolicyDN(zoneTag));
    String requestId = classUnderTest.requestCertificate(request, zoneConfiguration);
    assertEquals("reqId", requestId);
}
Also used : ServerPolicy(com.venafi.vcert.sdk.connectors.ServerPolicy) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) LockableValue(com.venafi.vcert.sdk.connectors.LockableValue) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 33 with ZoneConfiguration

Use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi, in class TppTokenConnectorCertAT, method renewCertificate.

@Test
void renewCertificate() throws VCertException, UnknownHostException, SocketException, CertificateException, NoSuchAlgorithmException {
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    PEMCollection pemCollection = connector.retrieveCertificate(certificateRequest);
    X509Certificate cert = (X509Certificate) pemCollection.certificate();
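    // The renewal request identifies the existing certificate by the uppercase hex SHA-1 digest of its encoded form
    String thumbprint = DigestUtils.sha1Hex(cert.getEncoded()).toUpperCase();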
    CertificateRequest certificateRequestToRenew = new CertificateRequest().subject(certificateRequest.subject()).dnsNames(certificateRequest.dnsNames()).ipAddresses(certificateRequest.ipAddresses()).keyType(certificateRequest.keyType()).keyLength(certificateRequest.keyLength());
    connector.generateRequest(zoneConfiguration, certificateRequestToRenew);
    String renewRequestId = connector.renewCertificate(new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint));
    assertThat(renewRequestId).isNotNull();
}
Also used : PEMCollection(com.venafi.vcert.sdk.certificate.PEMCollection) RenewalRequest(com.venafi.vcert.sdk.certificate.RenewalRequest) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.jupiter.api.Test)

Example 34 with ZoneConfiguration

Use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi, in class TppTokenConnectorCertAT, method revokeCertificate.

@Test
void revokeCertificate() throws VCertException, SocketException, UnknownHostException {
    TppTokenConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connectorResource.zoneConfiguration();
    CertificateRequest certificateRequest = connector.generateRequest(zoneConfiguration, connectorResource.certificateRequest());
    String certificateId = connector.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(certificateId).isNotNull();
    // just wait for the certificate issuance
    connector.retrieveCertificate(certificateRequest);
    RevocationRequest revocationRequest = new RevocationRequest();
    revocationRequest.reason("key-compromise");
    revocationRequest.certificateDN(certificateRequest.pickupId());
    connector.revokeCertificate(revocationRequest);
}
Also used : RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 35 with ZoneConfiguration

Use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi, in class CloudConnectorTest, method requestCertificate.

@Test
void requestCertificate() throws VCertException {
    Security.addProvider(new BouncyCastleProvider());
    String apiKey = "12345678-1234-1234-1234-123456789012";
    CertificateIssuingTemplate cit = new CertificateIssuingTemplate();
    cit.id("15c7e3f0-ff0a-11e9-a3f0-2b5db8116980");
    cit.keyTypes(Arrays.asList(new AllowedKeyType("RSA", Arrays.asList(2048))));
    cit.keyReuse(true);
    cit.subjectCNRegexes(Arrays.asList("^random name$", "^.*.example.com$", "^.*.example.org$", "^.*.example.net$", "^.*.invalid$", "^.*.local$", "^.*.localhost$", "^.*.test$"));
    cit.subjectORegexes(Arrays.asList("^.*$"));
    cit.subjectOURegexes(Arrays.asList("^.*$"));
    cit.subjectSTRegexes(Arrays.asList());
    cit.subjectLRegexes(Arrays.asList());
    cit.subjectCValues(Arrays.asList());
    cit.sanDnsNameRegexes(Arrays.asList());
    Application application = new Application();
    application.id("d3d7e270-545b-11eb-a494-893c4e1e4fad");
    when(cloud.applicationByName(eq("test_app"), eq(apiKey))).thenReturn(application);
    when(cloud.certificateIssuingTemplateByAppNameAndCitAlias(eq("test_app"), eq("test_zone"), eq(apiKey))).thenReturn(cit);
    // todo:
    when(cloud.certificateRequest(eq(apiKey), any(CloudConnector.CertificateRequestsPayload.class))).thenReturn(new CloudConnector.CertificateRequestsResponse().certificateRequests(singletonList(new CloudConnector.CertificateRequestsResponseData().id("jackpot"))));
    CertificateRequest request = new CertificateRequest().subject(new CertificateRequest.PKIXName().commonName("random name").organization(singletonList("Venafi, Inc.")).organizationalUnit(singletonList("Automated Tests")));
    final Authentication auth = new Authentication(null, null, apiKey);
    classUnderTest.authenticate(auth);
    ZoneConfiguration zoneConfig = classUnderTest.readZoneConfiguration("test_app\\test_zone");
    classUnderTest.generateRequest(zoneConfig, request);
    String actual = classUnderTest.requestCertificate(request, zoneConfig);
    assertThat(actual).isEqualTo("jackpot");
}
Also used : CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate) Authentication(com.venafi.vcert.sdk.endpoint.Authentication) AllowedKeyType(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate.AllowedKeyType) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Application(com.venafi.vcert.sdk.connectors.cloud.domain.Application) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Test(org.junit.jupiter.api.Test)

Aggregations

ZoneConfiguration (com.venafi.vcert.sdk.connectors.ZoneConfiguration): 50
CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest): 42
Test (org.junit.jupiter.api.Test): 42
DisplayName (org.junit.jupiter.api.DisplayName): 20
PEMCollection (com.venafi.vcert.sdk.certificate.PEMCollection): 17
RenewalRequest (com.venafi.vcert.sdk.certificate.RenewalRequest): 7
StringReader (java.io.StringReader): 7
X509Certificate (java.security.cert.X509Certificate): 7
RevocationRequest (com.venafi.vcert.sdk.certificate.RevocationRequest): 5
Authentication (com.venafi.vcert.sdk.endpoint.Authentication): 5
PEMParser (org.bouncycastle.openssl.PEMParser): 4
PKCS10CertificationRequest (org.bouncycastle.pkcs.PKCS10CertificationRequest): 4
Config (com.venafi.vcert.sdk.Config): 3
TestUtils (com.venafi.vcert.sdk.TestUtils): 3
VCertException (com.venafi.vcert.sdk.VCertException): 3
CsrOriginOption (com.venafi.vcert.sdk.certificate.CsrOriginOption): 3
DataFormat (com.venafi.vcert.sdk.certificate.DataFormat): 3
ServerPolicy (com.venafi.vcert.sdk.connectors.ServerPolicy): 3
FeignException (feign.FeignException): 3
IOException (java.io.IOException): 3