
Example 1 with SSLHostConfigCertificate

use of org.apache.tomcat.util.net.SSLHostConfigCertificate in project tomcat by apache.

the class CertificateCreateRule method begin.

/**
 * Creates the {@link SSLHostConfigCertificate} for the element being parsed, pushes it onto the
 * digester stack and, when code generation is active, appends the equivalent constructor call to
 * the generated source.
 *
 * <p>The {@code type} attribute is optional: a missing or empty value maps to
 * {@code Type.UNDEFINED}; any other value is resolved with {@code Type.valueOf}, so a value that
 * is not a known constant makes this method throw instead of creating a certificate entry.
 * The generated source receives the resolved {@code Type} value, never the raw attribute text.
 *
 * @param namespace  namespace of the matched element (not used here)
 * @param name       name of the matched element (not used here)
 * @param attributes attributes of the matched element; only {@code type} is read
 * @throws Exception if the type value cannot be resolved or the digester stack does not hold an
 *                   {@link SSLHostConfig} on top
 */
@Override
public void begin(String namespace, String name, Attributes attributes) throws Exception {
    // The parent SSLHostConfig must already be on top of the stack; the cast fails otherwise.
    SSLHostConfig hostConfig = (SSLHostConfig) digester.peek();

    String requestedType = attributes.getValue("type");
    Type type = (requestedType == null || requestedType.isEmpty())
            ? Type.UNDEFINED
            : Type.valueOf(requestedType);

    SSLHostConfigCertificate created = new SSLHostConfigCertificate(hostConfig, type);
    digester.push(created);

    StringBuilder generated = digester.getGeneratedCode();
    if (generated == null) {
        // Code generation is off; nothing more to record.
        return;
    }

    // Emits: <class> <certVar> = new <class>(<hostConfigVar>, <TypeClass>.<type>);
    String certificateClassName = SSLHostConfigCertificate.class.getName();
    generated.append(certificateClassName).append(' ').append(digester.toVariableName(created));
    generated.append(" = new ").append(certificateClassName);
    generated.append('(').append(digester.toVariableName(hostConfig));
    // Nested-class binary names use '$'; source code needs '.' instead.
    generated.append(", ").append(Type.class.getName().replace('$', '.')).append('.').append(type).append(");");
    generated.append(System.lineSeparator());
}
Also used : Type(org.apache.tomcat.util.net.SSLHostConfigCertificate.Type) SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate) SSLHostConfig(org.apache.tomcat.util.net.SSLHostConfig)

Example 2 with SSLHostConfigCertificate

use of org.apache.tomcat.util.net.SSLHostConfigCertificate in project tomcat by apache.

the class ManagerServlet method getConnectorCerts.

/**
 * Builds a listing of the certificate chains configured on each connector.
 *
 * <p>Map keys are built from the connector's string form, followed for TLS connectors by
 * {@code "-" + hostName} and, for JSSE host configurations, {@code "-" + certificateType}.
 * Each value is either the string form of every certificate in the chain or a single localized
 * message explaining why no certificates are listed (connector not TLS-enabled, OpenSSL-backed
 * host configuration, or no chain found for the alias).
 *
 * <p>Only certificate chains are requested from the SSL context; this method does not read any
 * private key. The returned strings are full certificate dumps, so callers decide who may see
 * them.
 *
 * @param smClient source of the localized messages placed in the result
 * @return map from connector/host/type name to the list of certificate strings or a message
 */
protected Map<String, List<String>> getConnectorCerts(StringManager smClient) {
    Map<String, List<String>> certsByName = new HashMap<>();
    for (Connector connector : getConnectors()) {
        if (!Boolean.TRUE.equals(connector.getProperty("SSLEnabled"))) {
            // Plain connector: record a single explanatory message.
            List<String> notSsl = new ArrayList<>(1);
            notSsl.add(smClient.getString("managerServlet.notSslConnector"));
            certsByName.put(connector.toString(), notSsl);
            continue;
        }

        for (SSLHostConfig hostConfig : connector.getProtocolHandler().findSslHostConfigs()) {
            if (hostConfig.getOpenSslContext().longValue() != 0) {
                // A non-zero OpenSSL context means the chain is not listed through this path.
                List<String> unavailable = new ArrayList<>();
                unavailable.add(smClient.getString("managerServlet.certsNotAvailable"));
                String key = connector.toString() + "-" + hostConfig.getHostName();
                certsByName.put(key, unavailable);
                continue;
            }

            // OpenSSL context not set. Must be JSSE based.
            Set<SSLHostConfigCertificate> configured = hostConfig.getCertificates();
            for (SSLHostConfigCertificate configuredCert : configured) {
                String key = connector.toString() + "-" + hostConfig.getHostName() + "-" + configuredCert.getType();
                List<String> rendered = new ArrayList<>();
                // NOTE(review): getSslContext() is dereferenced without a null check; confirm it
                // cannot return null for a connector that has not finished initialising.
                SSLContext sslContext = configuredCert.getSslContext();
                String configuredAlias = configuredCert.getCertificateKeyAlias();
                // Fall back to the literal alias "tomcat" when none is configured.
                String alias = (configuredAlias == null) ? "tomcat" : configuredAlias;
                X509Certificate[] chain = sslContext.getCertificateChain(alias);
                if (chain != null) {
                    for (Certificate cert : chain) {
                        rendered.add(cert.toString());
                    }
                } else {
                    rendered.add(smClient.getString("managerServlet.certsNotAvailable"));
                }
                certsByName.put(key, rendered);
            }
        }
    }
    return certsByName;
}
Also used : Connector(org.apache.catalina.connector.Connector) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) SSLContext(org.apache.tomcat.util.net.SSLContext) X509Certificate(java.security.cert.X509Certificate) SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate) List(java.util.List) ArrayList(java.util.ArrayList) SSLHostConfig(org.apache.tomcat.util.net.SSLHostConfig) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate)

Example 3 with SSLHostConfigCertificate

use of org.apache.tomcat.util.net.SSLHostConfigCertificate in project tomcat by apache.

the class SSLHostConfigSF method storeChildren.

/**
 * Writes the nested certificate elements of an {@link SSLHostConfig}, followed by its
 * {@link OpenSSLConf} element. Arguments that are not an {@code SSLHostConfig} are ignored.
 *
 * <p>When the host configuration holds more than one certificate, entries whose type is
 * {@code Type.UNDEFINED} are left out; a single certificate is always written, whatever its type.
 * {@inheritDoc}
 */
@Override
public void storeChildren(PrintWriter aWriter, int indent, Object aSSLHostConfig, StoreDescription parentDesc) throws Exception {
    if (!(aSSLHostConfig instanceof SSLHostConfig)) {
        return;
    }
    SSLHostConfig hostConfig = (SSLHostConfig) aSSLHostConfig;

    // Nested <SSLHostConfigCertificate> elements.
    SSLHostConfigCertificate[] toStore = hostConfig.getCertificates().toArray(new SSLHostConfigCertificate[0]);
    if (toStore.length > 1) {
        // With several entries, drop a possible default UNDEFINED certificate.
        ArrayList<SSLHostConfigCertificate> defined = new ArrayList<>();
        for (SSLHostConfigCertificate candidate : toStore) {
            if (candidate.getType() != Type.UNDEFINED) {
                defined.add(candidate);
            }
        }
        toStore = defined.toArray(new SSLHostConfigCertificate[0]);
    }
    // NOTE(review): which certificate attributes storeElementArray serialises (for example
    // keystore passwords) is not visible here; confirm the target file is access-restricted.
    storeElementArray(aWriter, indent, toStore);

    // Nested <OpenSSLConf> element.
    OpenSSLConf openSslConf = hostConfig.getOpenSslConf();
    storeElement(aWriter, indent, openSslConf);
}
Also used : SSLHostConfigCertificate(org.apache.tomcat.util.net.SSLHostConfigCertificate) ArrayList(java.util.ArrayList) OpenSSLConf(org.apache.tomcat.util.net.openssl.OpenSSLConf) SSLHostConfig(org.apache.tomcat.util.net.SSLHostConfig)

Aggregations

SSLHostConfig (org.apache.tomcat.util.net.SSLHostConfig)3 SSLHostConfigCertificate (org.apache.tomcat.util.net.SSLHostConfigCertificate)3 ArrayList (java.util.ArrayList)2 Certificate (java.security.cert.Certificate)1 X509Certificate (java.security.cert.X509Certificate)1 HashMap (java.util.HashMap)1 List (java.util.List)1 Connector (org.apache.catalina.connector.Connector)1 SSLContext (org.apache.tomcat.util.net.SSLContext)1 Type (org.apache.tomcat.util.net.SSLHostConfigCertificate.Type)1 OpenSSLConf (org.apache.tomcat.util.net.openssl.OpenSSLConf)1