use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class TppConnectorCertAT method renewCertificate.
@Test
void renewCertificate()
        throws VCertException, UnknownHostException, SocketException, CertificateException, NoSuchAlgorithmException {
    // Acceptance flow: enroll a certificate through the TPP connector, then request
    // a renewal that identifies the issued certificate by its thumbprint.
    TppConnector tpp = connectorResource.connector();
    ZoneConfiguration zone = connectorResource.zoneConfiguration();

    CertificateRequest enrollRequest = tpp.generateRequest(zone, connectorResource.certificateRequest());
    // NOTE(review): the already-generated request is passed through generateRequest a
    // second time; this looks redundant — confirm before removing.
    enrollRequest = tpp.generateRequest(zone, enrollRequest);

    String certificateId = tpp.requestCertificate(enrollRequest, zone);
    assertThat(certificateId).isNotNull();

    PEMCollection issuedPems = tpp.retrieveCertificate(enrollRequest);
    X509Certificate issuedCert = (X509Certificate) issuedPems.certificate();

    // Upper-case hex SHA-1 over the DER encoding. It is handed to RenewalRequest as the
    // handle for the certificate to renew, i.e. a lookup key rather than an integrity
    // check — presumably the thumbprint format the server expects; confirm.
    byte[] derEncoded = issuedCert.getEncoded();
    String thumbprint = DigestUtils.sha1Hex(derEncoded).toUpperCase();

    // The renewal request copies subject, SANs and key parameters from the original
    // request, so it is a separate CertificateRequest object.
    CertificateRequest certificateRequestToRenew = new CertificateRequest()
            .subject(enrollRequest.subject())
            .dnsNames(enrollRequest.dnsNames())
            .ipAddresses(enrollRequest.ipAddresses())
            .keyType(enrollRequest.keyType())
            .keyLength(enrollRequest.keyLength());
    tpp.generateRequest(zone, certificateRequestToRenew);

    RenewalRequest renewal = new RenewalRequest()
            .request(certificateRequestToRenew)
            .thumbprint(thumbprint);
    String renewRequestId = tpp.renewCertificate(renewal);

    // Only the presence of a renewal request id is checked.
    assertThat(renewRequestId).isNotNull();
}
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class TppConnectorTest method requestCertificate.
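@Test
@DisplayName("Request a certificate from TPP")
void requestCertificate() throws VCertException {
    // Registers BouncyCastle JVM-wide. Security.addProvider returns -1 and changes
    // nothing when the provider is already installed, so repeated calls are harmless.
    Security.addProvider(new BouncyCastleProvider());

    // Stub the zone lookup: every policy value is unlocked (first constructor argument false).
    // NOTE(review): the 1024-bit policy key size here and the 512-bit request key below
    // are fixture values only, well under current RSA minimums; presumably chosen to keep
    // the test fast — not a template for real requests.
    TppConnector.ReadZoneConfigurationRequest expectedRZCRequest =
            new TppConnector.ReadZoneConfigurationRequest("\\VED\\Policy\\myZone");
    when(tpp.readZoneConfiguration(eq(expectedRZCRequest), eq(API_KEY)))
            .thenReturn(new TppConnector.ReadZoneConfigurationResponse()
                    .policy(new ServerPolicy()
                            .subject(new ServerPolicy.Subject()
                                    .organizationalUnit(new LockableValues<String>(false, Collections.singletonList("OU")))
                                    .state(new LockableValue<>(false, "state"))
                                    .city(new LockableValue<>(false, "city"))
                                    .country(new LockableValue<>(false, "country"))
                                    .organization(new LockableValue<>(false, "organization")))
                            .keyPair(new ServerPolicy.KeyPair(
                                    new LockableValue<>(false, "keyAlgo"),
                                    new LockableValue<>(false, 1024),
                                    null))));

    // Stub the enrollment call: any payload sent with API_KEY yields DN "reqId".
    when(tpp.requestCertificate(any(TppConnector.CertificateRequestsPayload.class), eq(API_KEY)))
            .thenReturn(new Tpp.CertificateRequestResponse().certificateDN("reqId"));

    String zoneTag = "myZone";
    ZoneConfiguration zoneConfig = classUnderTest.readZoneConfiguration(classUnderTest.getPolicyDN(zoneTag));

    // Common name made unique per run from the epoch second plus four random letters.
    String cn = String.format("t%d-%s.venafi.xample.com",
            Instant.now().getEpochSecond(),
            RandomStringUtils.randomAlphabetic(4).toLowerCase());
    CertificateRequest request = new CertificateRequest()
            .subject(new CertificateRequest.PKIXName()
                    .commonName(cn)
                    .organization(Collections.singletonList("Venafi, Inc."))
                    .organizationalUnit(Collections.singletonList("Automated Tests"))
                    .locality(Collections.singletonList("Las Vegas"))
                    .province(Collections.singletonList("Nevada"))
                    .country(Collections.singletonList("US")))
            .friendlyName(cn)
            .keyLength(512);
    classUnderTest.generateRequest(zoneConfig, request);

    // Format eagerly. The original passed a printf-style "%s" pattern plus an argument to
    // logger.info; parameterized logging APIs such as SLF4J and Log4j2 use "{}" as the
    // placeholder, so the DN would not have been rendered into the message.
    logger.info(String.format("getPolicyDN(ZoneTag) = %s", classUnderTest.getPolicyDN(zoneTag)));

    // The enrollment call gets a fresh ZoneConfiguration carrying only the zone id.
    ZoneConfiguration zoneConfiguration = new ZoneConfiguration();
    zoneConfiguration.zoneId(classUnderTest.getPolicyDN(zoneTag));

    String requestId = classUnderTest.requestCertificate(request, zoneConfiguration);
    assertEquals("reqId", requestId);
}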
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class TppTokenConnectorCertAT method renewCertificate.
@Test
void renewCertificate()
        throws VCertException, UnknownHostException, SocketException, CertificateException, NoSuchAlgorithmException {
    // Token-authenticated variant of the renewal acceptance flow:
    // enroll, retrieve, fingerprint, then renew by thumbprint.
    TppTokenConnector tokenConnector = connectorResource.connector();
    ZoneConfiguration zone = connectorResource.zoneConfiguration();

    // Step 1: enroll.
    CertificateRequest original = tokenConnector.generateRequest(zone, connectorResource.certificateRequest());
    String certificateId = tokenConnector.requestCertificate(original, zone);
    assertThat(certificateId).isNotNull();

    // Step 2: fetch the issued certificate and compute its thumbprint.
    // The thumbprint is upper-case hex SHA-1 of the DER bytes; RenewalRequest receives it
    // as the identifier of the certificate to renew. SHA-1 acts as a lookup key here, not
    // as a security control — presumably the format the server expects; confirm.
    PEMCollection pems = tokenConnector.retrieveCertificate(original);
    X509Certificate leaf = (X509Certificate) pems.certificate();
    String sha1Hex = DigestUtils.sha1Hex(leaf.getEncoded());
    String thumbprint = sha1Hex.toUpperCase();

    // Step 3: build a new request mirroring the original subject, SANs and key parameters.
    CertificateRequest certificateRequestToRenew = new CertificateRequest()
            .subject(original.subject())
            .dnsNames(original.dnsNames())
            .ipAddresses(original.ipAddresses())
            .keyType(original.keyType())
            .keyLength(original.keyLength());
    tokenConnector.generateRequest(zone, certificateRequestToRenew);

    // Step 4: renew; only a non-null renewal request id is asserted.
    RenewalRequest renewalRequest = new RenewalRequest().request(certificateRequestToRenew).thumbprint(thumbprint);
    String renewRequestId = tokenConnector.renewCertificate(renewalRequest);
    assertThat(renewRequestId).isNotNull();
}
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class TppTokenConnectorCertAT method revokeCertificate.
@Test
void revokeCertificate() throws VCertException, SocketException, UnknownHostException {
    // Acceptance flow: enroll a certificate, wait for it to be issued, then revoke it.
    TppTokenConnector tokenConnector = connectorResource.connector();
    ZoneConfiguration zone = connectorResource.zoneConfiguration();

    CertificateRequest enrolled = tokenConnector.generateRequest(zone, connectorResource.certificateRequest());
    String certificateId = tokenConnector.requestCertificate(enrolled, zone);
    assertThat(certificateId).isNotNull();

    // The result is discarded: this call is here only to wait for issuance.
    tokenConnector.retrieveCertificate(enrolled);

    // The certificate to revoke is addressed by the pickup id recorded on the request.
    RevocationRequest revocation = new RevocationRequest();
    revocation.certificateDN(enrolled.pickupId());
    revocation.reason("key-compromise");

    // No assertion follows: the test passes when revokeCertificate returns without
    // throwing, and nothing is checked about the resulting revocation state.
    tokenConnector.revokeCertificate(revocation);
}
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class CloudConnectorTest method requestCertificate.
@Test
void requestCertificate() throws VCertException {
    // Registers BouncyCastle JVM-wide; addProvider changes nothing if it is already installed.
    Security.addProvider(new BouncyCastleProvider());

    // Placeholder-looking key used only to match the mocked calls below.
    String apiKey = "12345678-1234-1234-1234-123456789012";

    // Issuing template returned by the mocked cloud API.
    CertificateIssuingTemplate template = new CertificateIssuingTemplate();
    template.id("15c7e3f0-ff0a-11e9-a3f0-2b5db8116980");
    template.keyReuse(true);
    template.keyTypes(Arrays.asList(new AllowedKeyType("RSA", Arrays.asList(2048))));
    // NOTE(review): the '.' characters in these patterns are unescaped, so each matches any
    // character (e.g. "^.*.example.com$" also accepts "badexample.com"). This test only
    // relies on "^random name$"; a real CN allow-list would normally escape the dots.
    template.subjectCNRegexes(Arrays.asList(
            "^random name$",
            "^.*.example.com$",
            "^.*.example.org$",
            "^.*.example.net$",
            "^.*.invalid$",
            "^.*.local$",
            "^.*.localhost$",
            "^.*.test$"));
    template.subjectORegexes(Arrays.asList("^.*$"));
    template.subjectOURegexes(Arrays.asList("^.*$"));
    // The remaining subject and SAN constraints are left as empty lists.
    template.subjectSTRegexes(Arrays.asList());
    template.subjectLRegexes(Arrays.asList());
    template.subjectCValues(Arrays.asList());
    template.sanDnsNameRegexes(Arrays.asList());

    Application app = new Application();
    app.id("d3d7e270-545b-11eb-a494-893c4e1e4fad");

    // Stubs: application lookup, template lookup, and the enrollment call itself.
    when(cloud.applicationByName(eq("test_app"), eq(apiKey))).thenReturn(app);
    when(cloud.certificateIssuingTemplateByAppNameAndCitAlias(eq("test_app"), eq("test_zone"), eq(apiKey)))
            .thenReturn(template);
    when(cloud.certificateRequest(eq(apiKey), any(CloudConnector.CertificateRequestsPayload.class)))
            .thenReturn(new CloudConnector.CertificateRequestsResponse()
                    .certificateRequests(singletonList(
                            new CloudConnector.CertificateRequestsResponseData().id("jackpot"))));

    CertificateRequest request = new CertificateRequest()
            .subject(new CertificateRequest.PKIXName()
                    .commonName("random name")
                    .organization(singletonList("Venafi, Inc."))
                    .organizationalUnit(singletonList("Automated Tests")));

    // Authenticate with the API key only; the first two constructor arguments are null.
    classUnderTest.authenticate(new Authentication(null, null, apiKey));

    ZoneConfiguration zoneConfig = classUnderTest.readZoneConfiguration("test_app\\test_zone");
    classUnderTest.generateRequest(zoneConfig, request);

    // The connector is expected to hand back the id from the stubbed response.
    String actual = classUnderTest.requestCertificate(request, zoneConfig);
    assertThat(actual).isEqualTo("jackpot");
}