Example 1 with DEFAULT_ADMIN_PORT
use of org.carapaceproxy.api.UseAdminServer.DEFAULT_ADMIN_PORT in project carapaceproxy by diennea.
the class CertificatesTest method testUploadTypedCertificatesWithDaysBeforeRenewal.
@Test
@Parameters({ "acme", "manual" })
public void testUploadTypedCertificatesWithDaysBeforeRenewal(String type) throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
DynamicCertificatesManager dynCertsMan = server.getDynamicCertificatesManager();
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] chain = generateSampleChain(endUserKeyPair, false);
byte[] chainData = createKeystore(chain, endUserKeyPair.getPrivate());
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
// Create
HttpResponse resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(10, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost-negative", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost-default", "type=" + type, chainData, client, credentials);
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost-default");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// Update
uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=45", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(45, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost2", "type=" + type, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// changing the type (acme <-> manual)
String other = type.equals("manual") ? "acme" : "manual";
uploadCertificate("localhost2", "type=" + other, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
SSLCertificateConfiguration config = server.getCurrentConfiguration().getCertificates().get("localhost2");
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, config.getDaysBeforeRenewal());
// checking for "certificate.X.daysbeforerenewal" property delete
ConfigurationStore store = server.getDynamicConfigurationStore();
assertEquals(other.equals("acme"), store.anyPropertyMatches((k, v) -> {
if (k.matches("certificate\\.[0-9]+\\.hostname") && v.equals("localhost2")) {
return store.getProperty(k.replace("hostname", "daysbeforerenewal"), null) != null;
}
return false;
}));
}
}
Also used :
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
X509Certificate(java.security.cert.X509Certificate)
KeyPair(java.security.KeyPair)
Arrays(java.util.Arrays)
OcspStaplingManager(org.carapaceproxy.server.certificates.ocsp.OcspStaplingManager)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
Date(java.util.Date)
ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore)
CertificatesUtils.createKeystore(org.carapaceproxy.utils.CertificatesUtils.createKeystore)
Order(org.shredzone.acme4j.Order)
UseAdminServer(org.carapaceproxy.api.UseAdminServer)
JUnitParamsRunner(junitparams.JUnitParamsRunner)
WireMock.aResponse(com.github.tomakehurst.wiremock.client.WireMock.aResponse)
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
BasicOCSPRespBuilder(org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder)
List(java.util.List)
Base64(java.util.Base64)
Certificate(java.security.cert.Certificate)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
Assert.assertFalse(org.junit.Assert.assertFalse)
OCSPRespBuilder(org.bouncycastle.cert.ocsp.OCSPRespBuilder)
Login(org.shredzone.acme4j.Login)
ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession)
Mockito.mock(org.mockito.Mockito.mock)
Parameters(junitparams.Parameters)
KeyPairUtils(org.shredzone.acme4j.util.KeyPairUtils)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
Whitebox(org.powermock.reflect.Whitebox)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
CertificatesUtils(org.carapaceproxy.utils.CertificatesUtils)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
RunWith(org.junit.runner.RunWith)
BcDigestCalculatorProvider(org.bouncycastle.operator.bc.BcDigestCalculatorProvider)
WireMockRule(com.github.tomakehurst.wiremock.junit.WireMockRule)
CertificateID(org.bouncycastle.cert.ocsp.CertificateID)
DEFAULT_KEYPAIRS_SIZE(org.carapaceproxy.server.certificates.DynamicCertificatesManager.DEFAULT_KEYPAIRS_SIZE)
CertificateData(org.carapaceproxy.configstore.CertificateData)
CertificatesTestUtils.generateSampleChain(org.carapaceproxy.utils.CertificatesTestUtils.generateSampleChain)
HttpTestUtils(org.carapaceproxy.utils.HttpTestUtils)
SSLCertificateConfiguration(org.carapaceproxy.server.config.SSLCertificateConfiguration)
WireMock.get(com.github.tomakehurst.wiremock.client.WireMock.get)
Properties(java.util.Properties)
CertificateStatus(org.bouncycastle.cert.ocsp.CertificateStatus)
TestUtils(org.carapaceproxy.utils.TestUtils)
Assert.assertNotNull(org.junit.Assert.assertNotNull)
VALID(org.shredzone.acme4j.Status.VALID)
OCSPResp(org.bouncycastle.cert.ocsp.OCSPResp)
Assert.assertTrue(org.junit.Assert.assertTrue)
DEFAULT_ADMIN_PORT(org.carapaceproxy.api.UseAdminServer.DEFAULT_ADMIN_PORT)
Test(org.junit.Test)
Mockito.when(org.mockito.Mockito.when)
CertificateException(java.security.cert.CertificateException)
BasicOCSPResp(org.bouncycastle.cert.ocsp.BasicOCSPResp)
Rule(org.junit.Rule)
DigestCalculatorProvider(org.bouncycastle.operator.DigestCalculatorProvider)
WireMock.stubFor(com.github.tomakehurst.wiremock.client.WireMock.stubFor)
WireMock.urlEqualTo(com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo)
DEFAULT_DAYS_BEFORE_RENEWAL(org.carapaceproxy.server.certificates.DynamicCertificatesManager.DEFAULT_DAYS_BEFORE_RENEWAL)
Assert.assertEquals(org.junit.Assert.assertEquals)
KeyPair(java.security.KeyPair)
ConfigurationStore(org.carapaceproxy.configstore.ConfigurationStore)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
SSLCertificateConfiguration(org.carapaceproxy.server.config.SSLCertificateConfiguration)
CertificateData(org.carapaceproxy.configstore.CertificateData)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
Parameters(junitparams.Parameters)
Test(org.junit.Test)
Aggregations
WireMock.aResponse (com.github.tomakehurst.wiremock.client.WireMock.aResponse)1
WireMock.get (com.github.tomakehurst.wiremock.client.WireMock.get)1
WireMock.stubFor (com.github.tomakehurst.wiremock.client.WireMock.stubFor)1
WireMock.urlEqualTo (com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo)1
WireMockRule (com.github.tomakehurst.wiremock.junit.WireMockRule)1
KeyPair (java.security.KeyPair)1
Certificate (java.security.cert.Certificate)1
CertificateException (java.security.cert.CertificateException)1
X509Certificate (java.security.cert.X509Certificate)1
Arrays (java.util.Arrays)1
Base64 (java.util.Base64)1
Date (java.util.Date)1
List (java.util.List)1
Properties (java.util.Properties)1
ExtendedSSLSession (javax.net.ssl.ExtendedSSLSession)1
JUnitParamsRunner (junitparams.JUnitParamsRunner)1
Parameters (junitparams.Parameters)1
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)1
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)1
JcaX509CertificateHolder (org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)1
