use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class TppConnectorAT method generateRequest.
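/**
 * Generates a CSR through the TPP connector for a random common name and checks that
 * the parsed PKCS#10 request carries that common name in its subject.
 *
 * <p>The request asks for an RSA key of 2048 bits and adds the local host name and the
 * test IP addresses as SANs. Only the CN is asserted on the resulting subject.
 *
 * @throws VCertException if the connector rejects the zone lookup or the request
 * @throws IOException if the local host name cannot be resolved or the PEM cannot be read
 */
@Test
void generateRequest() throws VCertException, IOException {
    String commonName = TestUtils.randomCN();
    ZoneConfiguration zoneConfiguration =
        connectorResource.connector().readZoneConfiguration(TestUtils.TPP_ZONE);

    CertificateRequest certificateRequest = new CertificateRequest()
        .subject(new CertificateRequest.PKIXName()
            .commonName(commonName)
            .organization(Collections.singletonList("Venafi, Inc."))
            .organizationalUnit(Arrays.asList("Engineering", "Automated Tests"))
            .country(Collections.singletonList("US"))
            .locality(Collections.singletonList("SLC"))
            .province(Collections.singletonList("Utah")))
        .dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName()))
        .ipAddresses(getTestIps())
        .keyType(KeyType.RSA)
        .keyLength(2048);

    certificateRequest =
        connectorResource.connector().generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();

    // Decode with an explicit charset: new String(byte[]) would use the platform default,
    // which makes the parse result depend on the machine running the test.
    String pem = new String(certificateRequest.csr(), java.nio.charset.StandardCharsets.UTF_8);

    PKCS10CertificationRequest request;
    // Close the parser (and the reader it wraps) once the single PEM object has been read.
    try (PEMParser parser = new PEMParser(new StringReader(pem))) {
        request = (PKCS10CertificationRequest) parser.readObject();
    }
    // Fail with a readable assertion instead of a NullPointerException when no PEM object was found.
    assertThat(request).isNotNull();

    // Per the original author's note, the zone policy overrides the other subject values,
    // which is why only the common name is compared with what was requested above.
    String subject = request.getSubject().toString();
    assertThat(subject).contains(format("CN=%s", commonName));
}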
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class TppConnectorCertAT method revokeCertificate.
/**
 * Requests a certificate through the TPP connector, waits for it to be issued and then
 * revokes it with the reason {@code key-compromise}.
 */
@Test
void revokeCertificate() throws VCertException, SocketException, UnknownHostException {
    final TppConnector tpp = connectorResource.connector();
    final ZoneConfiguration zone = connectorResource.zoneConfiguration();

    // generateRequest hands back the request object that is used for every later call.
    final CertificateRequest preparedRequest =
        tpp.generateRequest(zone, connectorResource.certificateRequest());

    final String issuedId = tpp.requestCertificate(preparedRequest, zone);
    assertThat(issuedId).isNotNull();

    // Retrieval is used only to wait for issuance; the returned value is discarded.
    tpp.retrieveCertificate(preparedRequest);

    // The certificate to revoke is addressed by the pickup id carried on the request.
    final RevocationRequest revocation = new RevocationRequest();
    revocation.reason("key-compromise");
    revocation.certificateDN(preparedRequest.pickupId());

    // NOTE(review): nothing is asserted after this call, so the test passes whenever
    // revokeCertificate returns without throwing; it does not confirm the revoked state.
    tpp.revokeCertificate(revocation);
}
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class CloudConnectorAT method generateRequest.
/**
 * Generates a CSR through the cloud connector and verifies that every requested subject
 * attribute appears in the subject of the parsed PKCS#10 request.
 */
@Test
void generateRequest() throws VCertException, IOException {
    final String cn = TestUtils.randomCN();
    final CloudConnector cloud = connectorResource.connector();
    final ZoneConfiguration zone = cloud.readZoneConfiguration(TestUtils.CLOUD_ZONE);

    // Subject as requested; each attribute below is asserted on the generated CSR.
    final CertificateRequest.PKIXName requestedSubject = new CertificateRequest.PKIXName()
        .commonName(cn)
        .organization(Collections.singletonList("Venafi, Inc."))
        .organizationalUnit(Arrays.asList("Engineering", "Automated Tests"))
        .country(Collections.singletonList("US"))
        .locality(Collections.singletonList("SLC"))
        .province(Collections.singletonList("Utah"));

    // Only the key type is set here; no key length is passed on this request.
    final CertificateRequest draft = new CertificateRequest()
        .subject(requestedSubject)
        .dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName()))
        .keyType(KeyType.RSA);

    final CertificateRequest generated = cloud.generateRequest(zone, draft);
    assertThat(generated.csr()).isNotEmpty();

    // Parse the PEM-encoded CSR back into a PKCS#10 structure to inspect its subject.
    final String pem = Strings.fromByteArray(generated.csr());
    final Object parsed = new PEMParser(new StringReader(pem)).readObject();
    final PKCS10CertificationRequest pkcs10 = (PKCS10CertificationRequest) parsed;

    final String subjectDn = pkcs10.getSubject().toString();
    assertThat(subjectDn)
        .contains("CN=" + cn)
        // The comma inside the organization value is escaped in the rendered DN.
        .contains("O=Venafi\\, Inc.")
        .contains("OU=Engineering")
        .contains("OU=Automated Tests")
        .contains("C=US")
        .contains("L=SLC")
        .contains("ST=Utah");
}
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class CloudConnectorIT method requestCertificate.
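/**
 * Submits a canned PEM-encoded CSR for the zone {@code Default} and checks the request id
 * returned by the connector under test.
 *
 * @throws VCertException if the connector fails to submit the request
 */
@Test
void requestCertificate() throws VCertException {
    // Canned fixture CSR. The closing armour line is "-----END CERTIFICATE REQUEST-----";
    // the earlier fixture repeated the BEGIN line there, which is not well-formed PEM.
    // NOTE(review): the encoded key appears to be 1024-bit RSA - acceptable as static test
    // data only; confirm and regenerate if this fixture is ever validated against policy.
    final String csrPem =
        "-----BEGIN CERTIFICATE REQUEST-----\n"
            + "MIIBrDCCARUCAQAwbDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFV0YWgxEjAQBgNV\n"
            + "BAcMCVNhbHQgTGFrZTEPMA0GA1UECgwGVmVuYWZpMQ8wDQYDVQQLDAZEZXZPcHMx\n"
            + "GDAWBgNVBAMMD3Rlc3QudmVuZGV2LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw\n"
            + "gYkCgYEAqIPiGtjnxep5gQHIiDXhHpHYhr/ndwFKQ2HNGftD3AMjMDyolSQY27w7\n"
            + "PScTZXcuENew0zsH4iA7UsFhEGB6AIoelBWxiWc1SYRNslIgsSxsRlksJowFcL/E\n"
            + "40qkmL0TerI2vq829jF3XY6X1E3e1OXo0kbmBLwEB/xnpfuvpt0CAwEAAaAAMA0G\n"
            + "CSqGSIb3DQEBCwUAA4GBAGsKm5fJ8Zm/j9XMPXhPYmOdiDj+9QlcFq7uRRqwpxo7\n"
            + "C507RR5Pj2zBRZRLJcc/bNTQFqnW92kIcvJ+YvrQl/GkEMKM2wds/RyMXRHtOJvZ\n"
            + "YQt6JtkAeQOMECJ7RRHrZiG+m2by2YAB2krthK2gJGSr80xWzZWzrgdwdTe2sxUG\n"
            + "-----END CERTIFICATE REQUEST-----";

    // Encode with an explicit charset rather than the platform default.
    CertificateRequest certificateRequest =
        new CertificateRequest().csr(csrPem.getBytes(java.nio.charset.StandardCharsets.UTF_8));

    // todo: improve test: add request matcher (and add data to request to ensure it gets passed
    // through all right)
    ZoneConfiguration zoneConfiguration = new ZoneConfiguration();
    zoneConfiguration.zoneId("Default");

    String requestId = classUnderTest.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(requestId).isEqualTo("04c051d0-f118-11e5-8b33-d96cf8021ce5");
}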
use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.
the class CloudConnectorIT method readZoneConfiguration.
// todo: unit test for mapping code to check whatever is null here is mapped correctly.
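/**
 * Reads the zone {@code test_app\test_zone} through the connector under test and checks
 * the mapped subject defaults, policy regexes, allowed key configurations and SAN rules.
 *
 * @throws VCertException if the connector fails to read the zone configuration
 */
@Test
void readZoneConfiguration() throws VCertException {
    ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration("test_app\\test_zone");
    assertThat(zoneConfiguration).isNotNull();

    // These four checks used to be written as assertThat(value.equals("...")) with no
    // terminal assertion, so the boolean was wrapped and never verified.
    // NOTE(review): the comparisons were therefore never executed before; confirm the
    // expected values against the mocked response if any of them now fails.
    assertThat(zoneConfiguration.organization()).isEqualTo("Venafi Inc.");
    assertThat(zoneConfiguration.organizationalUnit()).containsExactly("Integrations");
    assertThat(zoneConfiguration.country()).isEqualTo("US");
    assertThat(zoneConfiguration.province()).isEqualTo("Utah");
    assertThat(zoneConfiguration.locality()).isEqualTo("Salt Lake");

    assertThat(zoneConfiguration.policy()).isNotNull();

    // The expected CN patterns leave '.' unescaped, so each dot matches any character and
    // "^.*.example.com$" accepts more than sub-domains of example.com. This test only pins
    // what the fixture returns; it does not show that the patterns are tight enough.
    assertThat(zoneConfiguration.policy().subjectCNRegexes()).containsExactly(
        "^.*.example.com$",
        "^.*.example.org$",
        "^.*.example.net$",
        "^.*.invalid$",
        "^.*.local$",
        "^.*.localhost$",
        "^.*.test$");
    assertThat(zoneConfiguration.policy().subjectORegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectOURegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectSTRegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectLRegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectCRegexes()).containsExactly("^.*$");

    // One allowed key configuration: RSA with 2048 or 4096 bits and no curves.
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations()).isNotNull();
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations()).hasSize(1);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keyType())
        .isEqualTo(KeyType.RSA);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keySizes())
        .containsExactly(2048, 4096);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keyCurves()).isNull();

    // Only the DNS SAN rule is populated; the other SAN rule lists are expected to be null.
    assertThat(zoneConfiguration.policy().dnsSanRegExs()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().ipSanRegExs()).isNull();
    assertThat(zoneConfiguration.policy().emailSanRegExs()).isNull();
    assertThat(zoneConfiguration.policy().uriSanRegExs()).isNull();
    assertThat(zoneConfiguration.policy().upnSanRegExs()).isNull();

    assertThat(zoneConfiguration.policy().allowWildcards()).isFalse();
    assertThat(zoneConfiguration.policy().allowKeyReuse()).isFalse();

    assertThat(zoneConfiguration.hashAlgorithm())
        .isEqualTo(SignatureAlgorithm.UnknownSignatureAlgorithm);
    assertThat(zoneConfiguration.customAttributeValues()).isNotNull();
    assertThat(zoneConfiguration.customAttributeValues()).isEmpty();
}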