Example 1 with SSLHostConfigCertificate
use of org.apache.tomcat.util.net.SSLHostConfigCertificate in project tomcat by apache.
the class CertificateCreateRule method begin.
@Override
public void begin(String namespace, String name, Attributes attributes) throws Exception {
SSLHostConfig sslHostConfig = (SSLHostConfig) digester.peek();
Type type;
String typeValue = attributes.getValue("type");
if (typeValue == null || typeValue.length() == 0) {
type = Type.UNDEFINED;
} else {
type = Type.valueOf(typeValue);
}
SSLHostConfigCertificate certificate = new SSLHostConfigCertificate(sslHostConfig, type);
digester.push(certificate);
StringBuilder code = digester.getGeneratedCode();
if (code != null) {
code.append(SSLHostConfigCertificate.class.getName()).append(' ').append(digester.toVariableName(certificate));
code.append(" = new ").append(SSLHostConfigCertificate.class.getName());
code.append('(').append(digester.toVariableName(sslHostConfig));
code.append(", ").append(Type.class.getName().replace('$', '.')).append('.').append(type).append(");");
code.append(System.lineSeparator());
}
}
Also used :
Type(org.apache.tomcat.util.net.SSLHostConfigCertificate.Type)
SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate)
SSLHostConfig(org.apache.tomcat.util.net.SSLHostConfig)
Example 2 with SSLHostConfigCertificate
use of org.apache.tomcat.util.net.SSLHostConfigCertificate in project tomcat by apache.
the class ManagerServlet method getConnectorCerts.
protected Map<String, List<String>> getConnectorCerts(StringManager smClient) {
Map<String, List<String>> result = new HashMap<>();
Connector[] connectors = getConnectors();
for (Connector connector : connectors) {
if (Boolean.TRUE.equals(connector.getProperty("SSLEnabled"))) {
SSLHostConfig[] sslHostConfigs = connector.getProtocolHandler().findSslHostConfigs();
for (SSLHostConfig sslHostConfig : sslHostConfigs) {
if (sslHostConfig.getOpenSslContext().longValue() == 0) {
// Not set. Must be JSSE based.
Set<SSLHostConfigCertificate> sslHostConfigCerts = sslHostConfig.getCertificates();
for (SSLHostConfigCertificate sslHostConfigCert : sslHostConfigCerts) {
String name = connector.toString() + "-" + sslHostConfig.getHostName() + "-" + sslHostConfigCert.getType();
List<String> certList = new ArrayList<>();
SSLContext sslContext = sslHostConfigCert.getSslContext();
String alias = sslHostConfigCert.getCertificateKeyAlias();
if (alias == null) {
alias = "tomcat";
}
X509Certificate[] certs = sslContext.getCertificateChain(alias);
if (certs == null) {
certList.add(smClient.getString("managerServlet.certsNotAvailable"));
} else {
for (Certificate cert : certs) {
certList.add(cert.toString());
}
}
result.put(name, certList);
}
} else {
List<String> certList = new ArrayList<>();
certList.add(smClient.getString("managerServlet.certsNotAvailable"));
String name = connector.toString() + "-" + sslHostConfig.getHostName();
result.put(name, certList);
}
}
} else {
List<String> certList = new ArrayList<>(1);
certList.add(smClient.getString("managerServlet.notSslConnector"));
result.put(connector.toString(), certList);
}
}
return result;
}
Also used :
Connector(org.apache.catalina.connector.Connector)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
SSLContext(org.apache.tomcat.util.net.SSLContext)
X509Certificate(java.security.cert.X509Certificate)
SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate)
List(java.util.List)
ArrayList(java.util.ArrayList)
SSLHostConfig(org.apache.tomcat.util.net.SSLHostConfig)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate)
Example 3 with SSLHostConfigCertificate
use of org.apache.tomcat.util.net.SSLHostConfigCertificate in project tomcat by apache.
the class SSLHostConfigSF method storeChildren.
/**
* Store nested SSLHostConfigCertificate elements.
* {@inheritDoc}
*/
@Override
public void storeChildren(PrintWriter aWriter, int indent, Object aSSLHostConfig, StoreDescription parentDesc) throws Exception {
if (aSSLHostConfig instanceof SSLHostConfig) {
SSLHostConfig sslHostConfig = (SSLHostConfig) aSSLHostConfig;
// Store nested <SSLHostConfigCertificate> elements
SSLHostConfigCertificate[] hostConfigsCertificates = sslHostConfig.getCertificates().toArray(new SSLHostConfigCertificate[0]);
// Remove a possible default UNDEFINED certificate
if (hostConfigsCertificates.length > 1) {
ArrayList<SSLHostConfigCertificate> certificates = new ArrayList<>();
for (SSLHostConfigCertificate certificate : hostConfigsCertificates) {
if (Type.UNDEFINED != certificate.getType()) {
certificates.add(certificate);
}
}
hostConfigsCertificates = certificates.toArray(new SSLHostConfigCertificate[0]);
}
storeElementArray(aWriter, indent, hostConfigsCertificates);
// Store nested <OpenSSLConf> element
OpenSSLConf openSslConf = sslHostConfig.getOpenSslConf();
storeElement(aWriter, indent, openSslConf);
}
}
Also used :
SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate)
ArrayList(java.util.ArrayList)
OpenSSLConf(org.apache.tomcat.util.net.openssl.OpenSSLConf)
SSLHostConfig(org.apache.tomcat.util.net.SSLHostConfig)
Aggregations
SSLHostConfig (org.apache.tomcat.util.net.SSLHostConfig)3
SSLHostConfigCertificate (org.apache.tomcat.util.net.SSLHostConfigCertificate)3
ArrayList (java.util.ArrayList)2
Certificate (java.security.cert.Certificate)1
X509Certificate (java.security.cert.X509Certificate)1
HashMap (java.util.HashMap)1
List (java.util.List)1
Connector (org.apache.catalina.connector.Connector)1
SSLContext (org.apache.tomcat.util.net.SSLContext)1
Type (org.apache.tomcat.util.net.SSLHostConfigCertificate.Type)1
OpenSSLConf (org.apache.tomcat.util.net.openssl.OpenSSLConf)1
