use of org.carapaceproxy.server.certificates.DynamicCertificatesManager.DEFAULT_DAYS_BEFORE_RENEWAL in project carapaceproxy by diennea.
the class CertificatesTest method testUploadTypedCertificatesWithDaysBeforeRenewal.
@Test
@Parameters({ "acme", "manual" })
public void testUploadTypedCertificatesWithDaysBeforeRenewal(String type) throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
DynamicCertificatesManager dynCertsMan = server.getDynamicCertificatesManager();
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
Certificate[] chain = generateSampleChain(endUserKeyPair, false);
byte[] chainData = createKeystore(chain, endUserKeyPair.getPrivate());
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
// Create
HttpResponse resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(10, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost-negative", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost-default", "type=" + type, chainData, client, credentials);
CertificateData data = dynCertsMan.getCertificateDataForDomain("localhost-default");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// Update
uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=45", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(45, data.getDaysBeforeRenewal());
}
// negative value
resp = uploadCertificate("localhost2", "type=" + type + "&daysbeforerenewal=-10", chainData, client, credentials);
if (type.equals("manual")) {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' available for type 'acme' only"));
} else {
assertTrue(resp.getBodyString().contains("ERROR: param 'daysbeforerenewal' has to be a positive number"));
}
// default value
uploadCertificate("localhost2", "type=" + type, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(type.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
// changing the type (acme <-> manual)
String other = type.equals("manual") ? "acme" : "manual";
uploadCertificate("localhost2", "type=" + other, chainData, client, credentials);
data = dynCertsMan.getCertificateDataForDomain("localhost2");
assertNotNull(data);
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, data.getDaysBeforeRenewal());
SSLCertificateConfiguration config = server.getCurrentConfiguration().getCertificates().get("localhost2");
assertEquals(other.equals("manual") ? 0 : DEFAULT_DAYS_BEFORE_RENEWAL, config.getDaysBeforeRenewal());
// checking for "certificate.X.daysbeforerenewal" property delete
ConfigurationStore store = server.getDynamicConfigurationStore();
assertEquals(other.equals("acme"), store.anyPropertyMatches((k, v) -> {
if (k.matches("certificate\\.[0-9]+\\.hostname") && v.equals("localhost2")) {
return store.getProperty(k.replace("hostname", "daysbeforerenewal"), null) != null;
}
return false;
}));
}
}
Aggregations