use of com.vmware.photon.controller.model.security.service.SslTrustCertificateService.SslTrustCertificateState in project photon-model by vmware.
the class CertificateUtil method storeCertificate.
public static void storeCertificate(X509Certificate endCertificate, List<String> tenantLinks,
        ServiceHost host, ServiceRequestSender sender, CompletionHandler ch) {
    SslTrustCertificateState certState = new SslTrustCertificateState();
    if (tenantLinks != null) {
        certState.tenantLinks = tenantLinks;
    }
    certState.certificate = CertificateUtil.toPEMformat(endCertificate);
    SslTrustCertificateState.populateCertificateProperties(certState, endCertificate);
    logger.info(String.format("Register certificate with common name: %s "
            + "and fingerprint: %s in trust store",
            certState.commonName, certState.fingerprint));
    // save untrusted certificate to the trust store
    Operation.createPost(host, SslTrustCertificateService.FACTORY_LINK)
            .addPragmaDirective(Operation.PRAGMA_DIRECTIVE_FORCE_INDEX_UPDATE)
            .setBody(certState)
            .setCompletion(ch)
            .sendWith(sender);
    ServerX509TrustManager trustManager = ServerX509TrustManager.getInstance();
    if (trustManager != null) {
        logger.fine("Register Certificate " + certState);
        trustManager.registerCertificate(certState);
    }
}
use of com.vmware.photon.controller.model.security.service.SslTrustCertificateService.SslTrustCertificateState in project photon-model by vmware.
the class SslTrustCertificateServiceTest method setUp.
@Before
public void setUp() throws Throwable {
    this.sslTrust1 = CommonTestStateFactory.getFileContent("test_ssl_trust.PEM").trim();
    this.sslTrust2 = CommonTestStateFactory.getFileContent("test_ssl_trust2.PEM").trim();
    this.sslTrustCert = new SslTrustCertificateState();
    this.sslTrustCert.certificate = this.sslTrust1;
    this.host.startService(new SslTrustCertificateFactoryService());
    waitForServiceAvailability(SslTrustCertificateService.FACTORY_LINK);
}
use of com.vmware.photon.controller.model.security.service.SslTrustCertificateService.SslTrustCertificateState in project photon-model by vmware.
the class SslTrustCertificateServiceTest method testPOSTandGET.
@Test
public void testPOSTandGET() throws Throwable {
    verifyService(FactoryService.create(SslTrustCertificateService.class),
            SslTrustCertificateState.class,
            (prefix, index) -> {
                return this.sslTrustCert;
            },
            (prefix, serviceDocument) -> {
                SslTrustCertificateState state = (SslTrustCertificateState) serviceDocument;
                assertEquals(this.sslTrustCert.certificate, state.certificate);
                validateCertProperties(state);
            });
}
use of com.vmware.photon.controller.model.security.service.SslTrustCertificateService.SslTrustCertificateState in project photon-model by vmware.
the class SslTrustCertificateServiceUtilsTest method testLoadCertificates.
@Test
public void testLoadCertificates() throws Throwable {
    int numCerts = 10;
    // create certificates
    SslTrustCertificateState[] certState = new SslTrustCertificateState[numCerts];
    for (int i = 0; i < numCerts; i++) {
        String certPEM = CommonTestStateFactory.getFileContent("test_ssl_trust.PEM").trim();
        X509Certificate[] certificates = CertificateUtil.createCertificateChain(certPEM);
        // Populate the certificate properties based on the first (end server) certificate
        X509Certificate endCertificate = certificates[0];
        certState[i] = new SslTrustCertificateState();
        certState[i].certificate = CertificateUtil.toPEMformat(endCertificate);
        // since documentSelfLink is calculated from certState.certificate
        // we need to make it unique in each of the 10 certStates
        // be careful if you make any changes to file 'test_ssl_trust.PEM'
        // then you will have to change following lines to pick a different
        // set of characters (here 'P') to replace, for creating unique cert
        String replacement = String.valueOf(i);
        certState[i].certificate = certState[i].certificate.replaceAll("P", replacement);
        this.host.sendAndWaitExpectSuccess(
                Operation.createPost(this.host, SslTrustCertificateService.FACTORY_LINK)
                        .setBody(certState[i]));
    }
    // test different page sizes
    testLoadCertificatesPagination(numCerts, 1);
    testLoadCertificatesPagination(numCerts, 2);
    testLoadCertificatesPagination(numCerts, 3);
    testLoadCertificatesPagination(numCerts, 10);
    testLoadCertificatesPagination(numCerts, 11);
}
use of com.vmware.photon.controller.model.security.service.SslTrustCertificateService.SslTrustCertificateState in project photon-model by vmware.
the class ServerX509TrustManager method certificateChanged.
private void certificateChanged(Operation operation) {
    Utils.log(getClass(), getClass().getName(), Level.WARNING,
            "process certificate changed for operation %s", operation.toLogString());
    QueryTask queryTask = operation.getBody(QueryTask.class);
    if (queryTask.results != null && queryTask.results.documentLinks != null
            && !queryTask.results.documentLinks.isEmpty()) {
        queryTask.results.documents.values().forEach(doc -> {
            SslTrustCertificateState cert = Utils.fromJson(doc, SslTrustCertificateState.class);
            if (Action.DELETE.toString().equals(cert.documentUpdateAction)) {
                deleteCertificate(cert.getAlias());
            } else {
                registerCertificate(cert);
            }
        });
    } else {
        Utils.log(getClass(), getClass().getName(), Level.WARNING,
                "No document links for operation %s", operation.toLogString());
    }
    operation.complete();
}