Use of org.jboss.as.cli.impl.aesh.cmd.security.model.KeyStorePathSecurityBuilder in the project wildfly-core by wildfly.
Class AbstractEnableSSLCommand, method validateOptions.
/**
 * Validates the key-store and trust-store options of the command and picks the
 * {@link SSLSecurityBuilder} that matches how the key-store was designated: by file
 * path, by the name of an existing key-store resource, or interactively.
 *
 * <p>The checks run in a fixed order, so the first violated rule decides which error
 * is reported. The error messages built here contain option names, paths and
 * key-store names only; the password fields are passed to the builder and never
 * placed in a message.
 *
 * @param ctx the command context, used to query existing key-stores and supported
 *            operations
 * @return the builder for the selected mode, with the trust-store, key-manager and
 *         SSL-context settings applied
 * @throws CommandException if no key-store option is given, if mutually exclusive
 *         options are combined, or if a referenced file or key-store does not exist
 * @throws IOException declared by the signature; presumably raised by the helper
 *         calls that query the server -- confirm against those helpers
 * @throws OperationFormatException declared by the signature; presumably raised by
 *         the helper calls -- confirm against those helpers
 */
private SSLSecurityBuilder validateOptions(CommandContext ctx) throws CommandException, IOException, OperationFormatException {
    // One of the three ways to designate the key-store must be present.
    if (!interactive && keystorePath == null && keystoreName == null) {
        throw new CommandException("One of " + formatOption(OPT_INTERACTIVE) + ", " + formatOption(OPT_KEY_STORE_NAME) + ", " + formatOption(OPT_KEY_STORE_PATH) + " must be set");
    }

    SSLSecurityBuilder selected = null;

    // Mode 1: key-store designated by file path.
    if (keystorePath != null) {
        if (keystoreName != null) {
            throw new CommandException(formatOption(OPT_KEY_STORE_NAME) + " can't be used with " + formatOption(OPT_KEY_STORE_PATH));
        }
        final File storeFile;
        if (keystorePathRelativeTo == null) {
            storeFile = keystorePath;
            // NOTE(review): exists() is also true for a directory; an isFile() check
            // would be stricter. Behaviour kept as written.
            if (!storeFile.exists()) {
                throw new CommandException("File " + storeFile + " doesn't exist.");
            }
        } else {
            // With a relative-to base the path as originally typed is used and no
            // existence check is made here -- presumably it is resolved elsewhere
            // against that base; confirm where it is validated.
            storeFile = new File(keystorePath.getOriginalPath());
        }
        KeyStorePathSecurityBuilder fileBuilder = new KeyStorePathSecurityBuilder(storeFile, keystorePassword);
        fileBuilder.setRelativeTo(keystorePathRelativeTo).setType(keyStoreType).setName(newKeystoreName);
        selected = fileBuilder;
    }

    // Mode 2: key-store designated by the name of an existing resource.
    if (keystoreName != null) {
        if (selected != null) {
            invalidUseCase();
        }
        // None of the file-oriented options may accompany a named key-store.
        final boolean fileOptionsGiven = newKeystoreName != null
                || keystorePassword != null
                || keyStoreType != null
                || keystorePathRelativeTo != null
                || keystorePath != null;
        if (fileOptionsGiven) {
            throw new CommandException("key-store file related options can't be used with " + formatOption(OPT_KEY_STORE_NAME));
        }
        if (!ElytronUtil.keyStoreExists(ctx, keystoreName)) {
            throw new CommandException("key-store " + keystoreName + " doesn't exist");
        }
        selected = new KeyStoreNameSecurityBuilder(keystoreName);
    }

    // Mode 3: everything is collected by prompting the user.
    if (interactive) {
        if (selected != null) {
            invalidUseCase();
        }
        checkKeyStoreOperationsSupported(ctx, OPT_INTERACTIVE);
        selected = new InteractiveSecurityBuilder(
                getDefaultKeyStoreFileName(ctx),
                getDefaultTrustStoreFileName(ctx),
                useLetsEncrypt,
                caAccount);
    }

    // A trusted certificate file and a named trust-store are mutually exclusive.
    if (trustedCertificatePath != null) {
        checkKeyStoreOperationsSupported(ctx, OPT_TRUSTED_CERTIFICATE_PATH);
        if (!trustedCertificatePath.exists()) {
            throw new CommandException("The client certificate path " + trustedCertificatePath + " doesn't exist");
        }
        if (trustStoreName != null) {
            throw new CommandException(formatOption(OPT_TRUST_STORE_NAME) + " can't be used when " + formatOption(OPT_TRUSTED_CERTIFICATE_PATH) + " is in use");
        }
    }

    // A named trust-store must already exist.
    if (trustStoreName != null && !ElytronUtil.keyStoreExists(ctx, trustStoreName)) {
        throw new CommandException("key-store " + trustStoreName + " doesn't exist");
    }

    if (selected == null) {
        return null;
    }

    // Trust-side settings are applied the same way whichever mode was selected.
    selected.setTrustedCertificatePath(trustedCertificatePath);
    // Certificate validation stays on unless the no-validation option was given.
    selected.setValidateCertificate(!noTrustedCertificateValidation);
    selected.setTrustStoreFileName(trustStoreFileName);
    selected.setTrustStoreFilePassword(trustStoreFilePassword);
    selected.setTrustStoreName(trustStoreName);
    selected.setNewTrustStoreName(newTrustStoreName);
    selected.setNewTrustManagerName(newTrustManagerName);
    selected.setKeyManagerName(newKeyManagerName);
    selected.setSSLContextName(newSslContextName);
    return selected;
}