Example 1 with OcspStaplingManager
use of org.carapaceproxy.server.certificates.ocsp.OcspStaplingManager in project carapaceproxy by diennea.
the class CertificatesTest method testOCSP.
@Test
public void testOCSP() throws Exception {
configureAndStartServer();
int port = server.getLocalPort();
OcspStaplingManager ocspMan = mock(OcspStaplingManager.class);
server.setOcspStaplingManager(ocspMan);
DynamicCertificatesManager dynCertMan = server.getDynamicCertificatesManager();
// Upload certificate and check its OCSP response
Certificate[] uploadedChain;
KeyPair endUserKeyPair = KeyPairUtils.createKeyPair(DEFAULT_KEYPAIRS_SIZE);
uploadedChain = generateSampleChain(endUserKeyPair, false);
OCSPResp ocspResp = generateOCSPResponse(uploadedChain, CertificateStatus.GOOD);
when(ocspMan.getOcspResponseForCertificate(uploadedChain[0])).thenReturn(ocspResp.getEncoded());
byte[] chainData = createKeystore(uploadedChain, endUserKeyPair.getPrivate());
try (RawHttpClient client = new RawHttpClient("localhost", DEFAULT_ADMIN_PORT)) {
RawHttpClient.HttpResponse resp = uploadCertificate("localhost", null, chainData, client, credentials);
assertTrue(resp.getBodyString().contains("SUCCESS"));
CertificateData data = dynCertMan.getCertificateDataForDomain("localhost");
assertNotNull(data);
assertTrue(data.isManual());
assertTrue(data.getState() == DynamicCertificateState.AVAILABLE);
}
// check ocsp response
try (RawHttpClient c = new RawHttpClient("localhost", port, true, "localhost")) {
RawHttpClient.HttpResponse r = c.get("/index.html", credentials);
assertEquals("it <b>works</b> !!", r.getBodyString());
Certificate[] obtainedChain = c.getServerCertificate();
assertNotNull(obtainedChain);
CertificatesUtils.compareChains(uploadedChain, obtainedChain);
ExtendedSSLSession session = (ExtendedSSLSession) c.getSSLSocket().getSession();
List<byte[]> statusResponses = session.getStatusResponses();
assertEquals(1, statusResponses.size());
}
}
Also used :
RawHttpClient(org.carapaceproxy.utils.RawHttpClient)
KeyPair(java.security.KeyPair)
HttpResponse(org.carapaceproxy.utils.RawHttpClient.HttpResponse)
ExtendedSSLSession(javax.net.ssl.ExtendedSSLSession)
OcspStaplingManager(org.carapaceproxy.server.certificates.ocsp.OcspStaplingManager)
OCSPResp(org.bouncycastle.cert.ocsp.OCSPResp)
BasicOCSPResp(org.bouncycastle.cert.ocsp.BasicOCSPResp)
CertificateData(org.carapaceproxy.configstore.CertificateData)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
CertificatesTestUtils.uploadCertificate(org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)
Test(org.junit.Test)
Aggregations
KeyPair (java.security.KeyPair)1
Certificate (java.security.cert.Certificate)1
X509Certificate (java.security.cert.X509Certificate)1
ExtendedSSLSession (javax.net.ssl.ExtendedSSLSession)1
BasicOCSPResp (org.bouncycastle.cert.ocsp.BasicOCSPResp)1
OCSPResp (org.bouncycastle.cert.ocsp.OCSPResp)1
CertificateData (org.carapaceproxy.configstore.CertificateData)1
OcspStaplingManager (org.carapaceproxy.server.certificates.ocsp.OcspStaplingManager)1
CertificatesTestUtils.uploadCertificate (org.carapaceproxy.utils.CertificatesTestUtils.uploadCertificate)1
RawHttpClient (org.carapaceproxy.utils.RawHttpClient)1
HttpResponse (org.carapaceproxy.utils.RawHttpClient.HttpResponse)1
Test (org.junit.Test)1
