
Example 36 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppConnectorAT method generateRequest.

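/**
 * Generates a CSR through the TPP connector for a random common name and checks that the
 * parsed PKCS#10 request carries that common name in its subject.
 *
 * <p>Only the CN is asserted: the other subject values may be overridden by zone policy.
 * NOTE(review): the requested key type and length (RSA, 2048) are not checked against the
 * parsed CSR, so a weaker key produced by generateRequest would not fail this test.
 *
 * @throws VCertException if reading the zone configuration or generating the request fails
 * @throws IOException if the local host name cannot be resolved or the CSR PEM cannot be read
 */
@Test
void generateRequest() throws VCertException, IOException {
    String commonName = TestUtils.randomCN();
    ZoneConfiguration zoneConfiguration = connectorResource.connector().readZoneConfiguration(TestUtils.TPP_ZONE);
    CertificateRequest certificateRequest = new CertificateRequest()
        .subject(new CertificateRequest.PKIXName()
            .commonName(commonName)
            .organization(Collections.singletonList("Venafi, Inc."))
            .organizationalUnit(Arrays.asList("Engineering", "Automated Tests"))
            .country(Collections.singletonList("US"))
            .locality(Collections.singletonList("SLC"))
            .province(Collections.singletonList("Utah")))
        .dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName()))
        .ipAddresses(getTestIps())
        .keyType(KeyType.RSA)
        .keyLength(2048);
    certificateRequest = connectorResource.connector().generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();

    // Decode with an explicit charset instead of the platform default, and close the parser
    // (the original left the PEMParser open).
    PKCS10CertificationRequest request;
    try (PEMParser pemParser = new PEMParser(new StringReader(
            new String(certificateRequest.csr(), java.nio.charset.StandardCharsets.UTF_8)))) {
        request = (PKCS10CertificationRequest) pemParser.readObject();
    }

    // Values overridden by policy, which is why only the CN is compared with the values above
    String subject = request.getSubject().toString();
    assertThat(subject).contains(format("CN=%s", commonName));
}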
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMParser(org.bouncycastle.openssl.PEMParser) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 37 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class TppConnectorCertAT method revokeCertificate.

/**
 * Requests a certificate through the TPP connector, waits for it to be issued, and then
 * revokes it with the reason {@code "key-compromise"}.
 *
 * <p>The only explicit assertion is that a certificate id is returned. The revocation step
 * is checked only in that it must not throw; its result is not inspected.
 *
 * @throws VCertException if any connector call fails
 * @throws SocketException declared by the original signature
 * @throws UnknownHostException declared by the original signature
 */
@Test
void revokeCertificate() throws VCertException, SocketException, UnknownHostException {
    TppConnector tpp = connectorResource.connector();
    ZoneConfiguration zone = connectorResource.zoneConfiguration();

    // generateRequest returns the request object used for every later call.
    CertificateRequest csrRequest = tpp.generateRequest(zone, connectorResource.certificateRequest());

    String issuedId = tpp.requestCertificate(csrRequest, zone);
    assertThat(issuedId).isNotNull();

    // Wait for the certificate to be issued; the retrieved value itself is not used.
    tpp.retrieveCertificate(csrRequest);

    // Revoke the certificate identified by the request's pickup id.
    RevocationRequest revocation = new RevocationRequest();
    revocation.reason("key-compromise");
    revocation.certificateDN(csrRequest.pickupId());
    tpp.revokeCertificate(revocation);
}
Also used : RevocationRequest(com.venafi.vcert.sdk.certificate.RevocationRequest) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 38 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class CloudConnectorAT method generateRequest.

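/**
 * Generates a CSR through the cloud connector for a random common name and checks that every
 * requested subject field appears in the parsed PKCS#10 request.
 *
 * <p>NOTE(review): the requested key type (RSA) is not checked against the parsed CSR.
 *
 * @throws VCertException if reading the zone configuration or generating the request fails
 * @throws IOException if the local host name cannot be resolved or the CSR PEM cannot be read
 */
@Test
void generateRequest() throws VCertException, IOException {
    String commonName = TestUtils.randomCN();
    CloudConnector connector = connectorResource.connector();
    ZoneConfiguration zoneConfiguration = connector.readZoneConfiguration(TestUtils.CLOUD_ZONE);
    CertificateRequest certificateRequest = new CertificateRequest()
        .subject(new CertificateRequest.PKIXName()
            .commonName(commonName)
            .organization(Collections.singletonList("Venafi, Inc."))
            .organizationalUnit(Arrays.asList("Engineering", "Automated Tests"))
            .country(Collections.singletonList("US"))
            .locality(Collections.singletonList("SLC"))
            .province(Collections.singletonList("Utah")))
        .dnsNames(Collections.singletonList(InetAddress.getLocalHost().getHostName()))
        .keyType(KeyType.RSA);
    certificateRequest = connector.generateRequest(zoneConfiguration, certificateRequest);
    assertThat(certificateRequest.csr()).isNotEmpty();

    // Close the parser once the request has been read (the original left it open).
    PKCS10CertificationRequest request;
    try (PEMParser pemParser = new PEMParser(new StringReader(Strings.fromByteArray(certificateRequest.csr())))) {
        request = (PKCS10CertificationRequest) pemParser.readObject();
    }

    String subject = request.getSubject().toString();
    assertThat(subject).contains(String.format("CN=%s", commonName));
    // The comma inside the organization value is expected in escaped form in the subject string.
    assertThat(subject).contains("O=Venafi\\, Inc.");
    assertThat(subject).contains("OU=Engineering");
    assertThat(subject).contains("OU=Automated Tests");
    assertThat(subject).contains("C=US");
    assertThat(subject).contains("L=SLC");
    assertThat(subject).contains("ST=Utah");
}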
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMParser(org.bouncycastle.openssl.PEMParser) ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) StringReader(java.io.StringReader) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 39 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class CloudConnectorIT method requestCertificate.

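/**
 * Submits a fixed, pre-built CSR for zone {@code "Default"} and checks that the request id
 * returned by the class under test is the expected fixed value.
 *
 * @throws VCertException if the certificate request fails
 */
@Test
void requestCertificate() throws VCertException {
    // The original fixture closed the PEM block with a second "BEGIN" line; the footer is
    // corrected to "END" so the bytes form a well-formed PEM document.
    // NOTE(review): presumably nothing matches on the request body yet (see the todo below);
    // confirm no stub depends on the old footer.
    String csrPem = "-----BEGIN CERTIFICATE REQUEST-----\n"
        + "MIIBrDCCARUCAQAwbDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFV0YWgxEjAQBgNV\n"
        + "BAcMCVNhbHQgTGFrZTEPMA0GA1UECgwGVmVuYWZpMQ8wDQYDVQQLDAZEZXZPcHMx\n"
        + "GDAWBgNVBAMMD3Rlc3QudmVuZGV2LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw\n"
        + "gYkCgYEAqIPiGtjnxep5gQHIiDXhHpHYhr/ndwFKQ2HNGftD3AMjMDyolSQY27w7\n"
        + "PScTZXcuENew0zsH4iA7UsFhEGB6AIoelBWxiWc1SYRNslIgsSxsRlksJowFcL/E\n"
        + "40qkmL0TerI2vq829jF3XY6X1E3e1OXo0kbmBLwEB/xnpfuvpt0CAwEAAaAAMA0G\n"
        + "CSqGSIb3DQEBCwUAA4GBAGsKm5fJ8Zm/j9XMPXhPYmOdiDj+9QlcFq7uRRqwpxo7\n"
        + "C507RR5Pj2zBRZRLJcc/bNTQFqnW92kIcvJ+YvrQl/GkEMKM2wds/RyMXRHtOJvZ\n"
        + "YQt6JtkAeQOMECJ7RRHrZiG+m2by2YAB2krthK2gJGSr80xWzZWzrgdwdTe2sxUG\n"
        + "-----END CERTIFICATE REQUEST-----";
    // Encode with an explicit charset rather than the platform default.
    CertificateRequest certificateRequest =
        new CertificateRequest().csr(csrPem.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    // todo: improve test: add request matcher (and add data to request to ensure it gets passed
    // through all right)
    ZoneConfiguration zoneConfiguration = new ZoneConfiguration();
    zoneConfiguration.zoneId("Default");
    String requestId = classUnderTest.requestCertificate(certificateRequest, zoneConfiguration);
    assertThat(requestId).isEqualTo("04c051d0-f118-11e5-8b33-d96cf8021ce5");
}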
Also used : ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) CertificateRequest(com.venafi.vcert.sdk.certificate.CertificateRequest) Test(org.junit.jupiter.api.Test)

Example 40 with ZoneConfiguration

use of com.venafi.vcert.sdk.connectors.ZoneConfiguration in project vcert-java by Venafi.

the class CloudConnectorIT method readZoneConfiguration.

// todo: unit test for mapping code to check whatever is null here is mapped correctly.
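/**
 * Reads the zone {@code test_app\test_zone} through the class under test and checks the
 * mapped subject defaults, policy constraints, hash algorithm and custom attributes.
 *
 * @throws VCertException if the zone configuration cannot be read
 */
@Test
void readZoneConfiguration() throws VCertException {
    ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration("test_app\\test_zone");
    assertThat(zoneConfiguration).isNotNull();

    // The original wrote assertThat(x.equals("...")) with no verification call, which never
    // checks anything. These are now real comparisons and may surface a mismatch in the
    // mapped values that the old form was hiding.
    assertThat(zoneConfiguration.organization()).isEqualTo("Venafi Inc.");
    assertThat(zoneConfiguration.organizationalUnit()).containsExactly("Integrations");
    assertThat(zoneConfiguration.country()).isEqualTo("US");
    assertThat(zoneConfiguration.province()).isEqualTo("Utah");
    assertThat(zoneConfiguration.locality()).isEqualTo("Salt Lake");

    assertThat(zoneConfiguration.policy()).isNotNull();
    // NOTE(review): the '.' separators in these expected CN patterns are unescaped, so read as
    // regular expressions they accept any character in those positions. The assertion pins
    // the values as returned to this test; confirm they are not meant as a model policy.
    assertThat(zoneConfiguration.policy().subjectCNRegexes()).containsExactly("^.*.example.com$", "^.*.example.org$", "^.*.example.net$", "^.*.invalid$", "^.*.local$", "^.*.localhost$", "^.*.test$");
    assertThat(zoneConfiguration.policy().subjectORegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectOURegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectSTRegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectLRegexes()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().subjectCRegexes()).containsExactly("^.*$");

    // Exactly one allowed key configuration: RSA with 2048- or 4096-bit keys and no curves.
    // (The original repeated the isNotNull check twice; one is enough.)
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations()).isNotNull();
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations()).hasSize(1);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keyType()).isEqualTo(KeyType.RSA);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keySizes()).containsExactly(2048, 4096);
    assertThat(zoneConfiguration.policy().allowedKeyConfigurations().get(0).keyCurves()).isNull();

    // Only DNS SANs carry a pattern; the other SAN pattern lists are expected to be null.
    assertThat(zoneConfiguration.policy().dnsSanRegExs()).containsExactly("^.*$");
    assertThat(zoneConfiguration.policy().ipSanRegExs()).isNull();
    assertThat(zoneConfiguration.policy().emailSanRegExs()).isNull();
    assertThat(zoneConfiguration.policy().uriSanRegExs()).isNull();
    assertThat(zoneConfiguration.policy().upnSanRegExs()).isNull();
    assertThat(zoneConfiguration.policy().allowWildcards()).isFalse();
    assertThat(zoneConfiguration.policy().allowKeyReuse()).isFalse();

    assertThat(zoneConfiguration.hashAlgorithm()).isEqualTo(SignatureAlgorithm.UnknownSignatureAlgorithm);
    assertThat(zoneConfiguration.customAttributeValues()).isNotNull();
    assertThat(zoneConfiguration.customAttributeValues()).isEmpty();
}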
Also used : ZoneConfiguration(com.venafi.vcert.sdk.connectors.ZoneConfiguration) Test(org.junit.jupiter.api.Test)
