Example 1 with CertificateIssuingTemplate
use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.
the class CloudPolicyToPolicyConverter method convertToPolicy.
public PolicySpecification convertToPolicy(CloudPolicy cloudPolicy) throws Exception {
PolicySpecification policySpecification = new PolicySpecification();
CertificateIssuingTemplate cit = cloudPolicy.certificateIssuingTemplate();
policySpecification.name(cit.name());
processPolicy(policySpecification, cloudPolicy);
processDefaults(policySpecification, cloudPolicy);
return policySpecification;
}
Also used :
PolicySpecification(com.venafi.vcert.sdk.policy.domain.PolicySpecification)
CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)
Example 2 with CertificateIssuingTemplate
use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.
the class PolicyToCloudPolicyConverter method convertFromPolicy.
public CloudPolicy convertFromPolicy(PolicySpecification policySpecification) throws Exception {
CloudPolicy cloudPolicy = new CloudPolicy();
Policy policy = policySpecification.policy();
CloudPolicy.CAInfo caInfo = getCertAuthorityInfo(policy);
cloudPolicy.caInfo(caInfo);
CertificateIssuingTemplate cit = new CertificateIssuingTemplate();
cloudPolicy.certificateIssuingTemplate(cit);
cit.certificateAuthority(caInfo.caType());
cit.product(new CertificateIssuingTemplate.Product(caInfo.caType(), caInfo.vendorProductName(), getValidityPeriod(policy), null, null, null));
switch(caInfo.caType().toUpperCase()) {
case CloudConstants.ENTRUST_TYPE:
cit.trackingData(CloudConstants.ENTRUST_DEFAULT_TRACKING_DATA);
break;
case CloudConstants.DIGICERT_TYPE:
CertificateIssuingTemplate.Product product = cit.product();
product.hashAlgorithm("SHA256");
product.autoRenew(false);
break;
}
List<String> domainsInRegex = convertDomainsToRegex(policy);
cit.subjectCNRegexes(domainsInRegex);
if (policy != null && policy.subjectAltNames() != null && policy.subjectAltNames().dnsAllowed() != null) {
if (policy.subjectAltNames().dnsAllowed())
cit.sanDnsNameRegexes(domainsInRegex);
} else
cit.sanDnsNameRegexes(domainsInRegex);
List<String> defaultRegexes = new ArrayList<>();
defaultRegexes.add(PolicySpecificationConst.ALLOW_ALL);
if (policy != null && policy.subject() != null) {
Subject policySubject = policy.subject();
cit.subjectORegexes((policySubject.orgs() != null && policySubject.orgs().length > 0) ? Arrays.asList(policySubject.orgs()) : defaultRegexes);
cit.subjectOURegexes((policySubject.orgUnits() != null && policySubject.orgUnits().length > 0) ? Arrays.asList(policySubject.orgUnits()) : defaultRegexes);
cit.subjectLRegexes((policySubject.localities() != null && policySubject.localities().length > 0) ? Arrays.asList(policySubject.localities()) : defaultRegexes);
cit.subjectSTRegexes((policySubject.states() != null && policySubject.states().length > 0) ? Arrays.asList(policySubject.states()) : defaultRegexes);
cit.subjectCValues((policySubject.countries() != null && policySubject.countries().length > 0) ? Arrays.asList(policySubject.countries()) : defaultRegexes);
} else {
cit.subjectORegexes(defaultRegexes);
cit.subjectOURegexes(defaultRegexes);
cit.subjectLRegexes(defaultRegexes);
cit.subjectSTRegexes(defaultRegexes);
cit.subjectCValues(defaultRegexes);
}
cit.keyTypes(getKeyTypes(policy));
cit.keyReuse(policy != null && policy.keyPair() != null && policy.keyPair().reuseAllowed() != null ? policy.keyPair().reuseAllowed() : false);
// build recommended settings
Defaults defaults = policySpecification.defaults();
if (defaults != null && defaults.subject() != null) {
DefaultsSubject defaultsSubject = defaults.subject();
if (defaultsSubject.org() != null)
getRecommendedSettings(cit).subjectOValue(defaultsSubject.org());
if (defaultsSubject.orgUnits() != null)
getRecommendedSettings(cit).subjectOUValue(defaultsSubject.orgUnits()[0]);
if (defaultsSubject.locality() != null)
getRecommendedSettings(cit).subjectLValue(defaultsSubject.locality());
if (defaultsSubject.state() != null)
getRecommendedSettings(cit).subjectSTValue(defaultsSubject.state());
if (defaultsSubject.country() != null)
getRecommendedSettings(cit).subjectCValue(defaultsSubject.country());
}
if (defaults != null && defaults.keyPair() != null) {
CertificateIssuingTemplate.AllowedKeyType recommendedKey = getDefaultKeyType(defaults);
CertificateIssuingTemplate.RecommendedSettingsKey key = getRecommendedSettingsKey(cit);
key.type(recommendedKey.keyType());
key.length(recommendedKey.keyLengths().get(0));
}
return cloudPolicy;
}
Also used :
CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)
ArrayList(java.util.ArrayList)
CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)
CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)
Example 3 with CertificateIssuingTemplate
use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.
the class CloudConnectorUtils method setCit.
public static void setCit(String policyName, CertificateIssuingTemplate cit, CloudPolicy.CAInfo caInfo, String apiKey, Cloud cloud) throws VCertException {
CloudZone cloudZone = new CloudZone(policyName);
cit.name(cloudZone.citAlias());
// getting the CAProductOptionId
CAAccountInfo caAccountInfo = CloudConnectorUtils.getCAAccountInfo(caInfo, apiKey, cloud);
String caProductOptionId = caAccountInfo.productId;
if (caProductOptionId == null)
throw new VCertException("Specified CA doesn't exist");
// Setting the CAProductOptionId to the parsed cit
cit.certificateAuthorityProductOptionId(caProductOptionId);
// setting the OrganizationId if the CA is DIGICERT
if (caInfo.caType().equals(CloudConstants.DIGICERT_TYPE))
if (caAccountInfo.organizationId != null)
cit.product().organizationId(caAccountInfo.organizationId);
else
throw new VCertException("It was not possible to determine the Organization Id from the DIGICERT Product.");
// Getting the cit from the server
CertificateIssuingTemplate citFromServer = CloudConnectorUtils.getCIT(cit.name(), apiKey, cloud);
// if cit already exists
if (citFromServer != null) {
// update it
// the citId can't put directly in the cit because it is not part of the format of the body request that the endpoint is waiting
cloud.updateCIT(cit, citFromServer.id(), apiKey);
cit.id(citFromServer.id());
} else {
// create it
// setting the citId resulting of the creation of the cit
cit.id(createCIT(cit, apiKey, cloud));
}
setCitToApp(policyName, cit, apiKey, cloud);
}
Also used :
VCertException(com.venafi.vcert.sdk.VCertException)
CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)
CloudZone(com.venafi.vcert.sdk.connectors.cloud.domain.CloudZone)
Example 4 with CertificateIssuingTemplate
use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.
the class CloudConnectorUtils method getCloudPolicy.
public static CloudPolicy getCloudPolicy(String policyName, String apiKey, Cloud cloud) throws VCertException {
CloudPolicy cloudPolicy = new CloudPolicy();
CertificateIssuingTemplate cit = getPolicy(policyName, apiKey, cloud);
cloudPolicy.certificateIssuingTemplate(cit);
cloudPolicy.caInfo(getCAInfo(cit, apiKey, cloud));
return cloudPolicy;
}
Also used :
CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)
CloudPolicy(com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)
Example 5 with CertificateIssuingTemplate
use of com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate in project vcert-java by Venafi.
the class CloudConnectorUtils method getCIT.
public static CertificateIssuingTemplate getCIT(String citName, String apiKey, Cloud cloud) throws VCertException {
CertificateIssuingTemplate cit = null;
CITsList citsList = cloud.getCITs(apiKey);
for (CertificateIssuingTemplate certificateIssuingTemplate : citsList.certificateIssuingTemplates()) {
if (certificateIssuingTemplate.name.equals(citName)) {
cit = certificateIssuingTemplate;
break;
}
}
return cit;
}
Also used :
CertificateIssuingTemplate(com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)
Aggregations
CertificateIssuingTemplate (com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate)7
CloudPolicy (com.venafi.vcert.sdk.policy.api.domain.CloudPolicy)2
VCertException (com.venafi.vcert.sdk.VCertException)1
CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)1
ZoneConfiguration (com.venafi.vcert.sdk.connectors.ZoneConfiguration)1
Application (com.venafi.vcert.sdk.connectors.cloud.domain.Application)1
AllowedKeyType (com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate.AllowedKeyType)1
CloudZone (com.venafi.vcert.sdk.connectors.cloud.domain.CloudZone)1
Authentication (com.venafi.vcert.sdk.endpoint.Authentication)1
PolicySpecification (com.venafi.vcert.sdk.policy.domain.PolicySpecification)1
ArrayList (java.util.ArrayList)1
BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)1
Test (org.junit.jupiter.api.Test)1
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)1
