use of org.shredzone.acme4j.AccountBuilder in project cas by apereo.
the class DefaultAcmeCertificateManager method findOrRegisterAccount.
/**
 * Resolves the ACME {@link Account} that belongs to {@code accountKey}. The server identifies
 * the account by the public half of that key pair; when the key is unknown to the server, a
 * new account is created instead.
 *
 * <p>The key pair is the only credential presented for the account here, so whoever can read
 * the private key can act as this account.
 *
 * @param session    {@link Session} to bind with
 * @param accountKey key pair that identifies the account at the ACME server
 * @return the {@link Account} handed back by the server
 * @throws AcmeException declared for the metadata lookup and the account request
 */
private static Account findOrRegisterAccount(final Session session, final KeyPair accountKey) throws AcmeException {
    // The terms-of-service URL is only recorded at debug level; acceptance itself happens
    // unconditionally in the builder call below, without any operator confirmation.
    val termsOfService = session.getMetadata().getTermsOfService();
    LOGGER.debug("Accepted terms of service url: [{}]", termsOfService);

    val builder = new AccountBuilder()
        .agreeToTermsOfService()
        .useKeyPair(accountKey);
    val resolved = builder.create(session);

    // NOTE(review): this line is written for both outcomes (existing account found, new account
    // created), so "Registered new user" in the log is not proof that a registration took place.
    LOGGER.info("Registered new user w/ URL: [{}]", resolved.getLocation());
    return resolved;
}
use of org.shredzone.acme4j.AccountBuilder in project meecrowave by apache.
the class LetsEncryptReloadLifecycle method run.
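/**
 * Obtains a certificate for the configured domains from the ACME endpoint and reloads the TLS
 * host configuration after the new certificate has been written.
 *
 * <p>Order of work: load or create the user and domain key pairs, resolve the ACME account,
 * open an order, run {@code authorize} for each authorization, sign and submit the CSR, poll
 * the order, write the certificate to {@code config.getDomainChain()}, then call
 * {@code protocol.reloadSslHostConfigs()}.
 *
 * <p>{@link AcmeException} and {@link IOException} are logged and end the run without a
 * reload. The method also returns without a reload when no authorization reported
 * {@code true}, when the polling thread is interrupted, or when the order has not reached
 * {@code Status.VALID} once the configured retries are used up.
 */
@Override
public synchronized void run() {
    // userKeyPair identifies the ACME account; domainKeyPair signs the CSR and is therefore the
    // private key of the issued certificate.
    final KeyPair userKeyPair = loadOrCreateKeyPair(config.getUserKeySize(), config.getUserKeyLocation());
    final KeyPair domainKeyPair = loadOrCreateKeyPair(config.getDomainKeySize(), config.getDomainKey());
    final Session session = new Session(config.getEndpoint());
    try {
        // Terms of service are accepted unconditionally as part of account resolution.
        final Account account = new AccountBuilder().agreeToTermsOfService().useKeyPair(userKeyPair).create(session);

        // Parse the comma-separated setting once and use the same names for the order and the
        // CSR. Passing the raw string to the CSR would add "a,b" as a single name that does not
        // match the order's identifiers; splitting on optional whitespace also keeps stray
        // blanks after a comma out of the names.
        final String[] domains = config.getDomains().trim().split("\\s*,\\s*");
        final Order order = account.newOrder().domains(domains).create();

        // Every authorization is attempted; a failing one is logged and counted as false.
        // NOTE(review): the run continues as soon as any authorization returned true - confirm
        // against authorize() that this is the intended condition.
        final boolean updated = order.getAuthorizations().stream().map(authorization -> {
            try {
                return authorize(authorization);
            } catch (final AcmeException e) {
                getLogger().error(e.getMessage(), e);
                return false;
            }
        }).reduce(false, (previous, val) -> previous || val);
        if (!updated) {
            return;
        }

        final CSRBuilder csrBuilder = new CSRBuilder();
        csrBuilder.addDomains(domains);
        csrBuilder.sign(domainKeyPair);
        // NOTE(review): the CSR is written to the path from getDomainCertificate(), while the
        // issued certificate goes to getDomainChain() further down - confirm the naming.
        try (final Writer writer = new BufferedWriter(new FileWriter(config.getDomainCertificate()))) {
            csrBuilder.write(writer);
        }
        order.execute(csrBuilder.getEncoded());

        try {
            // Polling sleeps while this object's monitor is held (the method is synchronized).
            int attempts = config.getRetryCount();
            while (order.getStatus() != Status.VALID && attempts-- > 0) {
                if (order.getStatus() == Status.INVALID) {
                    throw new AcmeException("Order failed... Giving up.");
                }
                Thread.sleep(config.getRetryTimeoutMs());
                order.update();
            }
        } catch (final InterruptedException ex) {
            getLogger().error(ex.getMessage());
            Thread.currentThread().interrupt();
            return;
        }

        // The loop also ends when the retries run out, or when the last update turned the order
        // INVALID. Stop here in both cases so no certificate is fetched, written or loaded for
        // an order the CA has not validated.
        if (order.getStatus() != Status.VALID) {
            throw new AcmeException("Order not valid after retries... Giving up.");
        }

        final Certificate certificate = order.getCertificate();
        getLogger().info("Got new certificate " + certificate.getLocation() + " for domain(s) " + config.getDomains());
        try (final Writer writer = new BufferedWriter(new FileWriter(config.getDomainChain()))) {
            certificate.writeCertificate(writer);
        }
        // Reload only after the certificate file has been written completely.
        protocol.reloadSslHostConfigs();
    } catch (final AcmeException | IOException ex) {
        getLogger().error(ex.getMessage(), ex);
    }
}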
use of org.shredzone.acme4j.AccountBuilder in project webpieces by deanhiller.
the class AcmeClientProxy method openAccount.
// TODO: Run the remote request on a separate pool so it does not hold up the webserver's main
// threadpool; only synchronous requests should hold up synchronous requests.
/**
 * Creates or looks up the ACME account for {@code accountKeyPair} and returns its location.
 *
 * <p>The ACME call runs on the calling thread; the returned future is already completed when
 * this method returns. An {@link AcmeException} is rethrown through {@code SneakyThrow}, so
 * callers see it as an undeclared exception rather than a failed future.
 *
 * @param email          contact address, sent to the server as a {@code mailto:} URI
 * @param accountKeyPair key pair that identifies the account at the ACME server
 * @return completed future holding the account location URL
 */
public XFuture<URL> openAccount(String email, KeyPair accountKeyPair) {
    log.info("open account");

    final Account opened;
    try {
        // NOTE(review): the endpoint is fixed to the Let's Encrypt staging directory, whose
        // certificates are not publicly trusted - confirm this is switched for production use.
        Session acmeSession = new Session("acme://letsencrypt.org/staging");

        // NOTE(review): email is concatenated as-is; a null or malformed value is passed on to
        // the server unchecked.
        AccountBuilder builder = new AccountBuilder()
            .addContact("mailto:" + email)
            .agreeToTermsOfService()
            .useKeyPair(accountKeyPair);
        opened = builder.create(acmeSession);
    } catch (AcmeException e) {
        throw SneakyThrow.sneak(e);
    }

    URL location = opened.getLocation();
    log.info("account location=" + location);
    return XFuture.completedFuture(location);
}
Aggregations