use of org.shredzone.acme4j.Session in project meecrowave by apache.
the class LetsEncryptReloadLifecycle method run.
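/**
 * Orders a certificate for the configured domains from the ACME endpoint, writes the
 * result to disk and asks the protocol handler to reload its SSL host configs.
 *
 * <p>Steps, in order: obtain the user and domain key pairs through
 * {@code loadOrCreateKeyPair}, create the account and the order, run {@code authorize}
 * on every authorization, sign and submit a CSR, poll the order up to
 * {@code config.getRetryCount()} times, then write the certificate and reload.
 *
 * <p>{@link AcmeException} and {@link IOException} are logged and swallowed, so a failed
 * run leaves the currently loaded certificate in place. An interrupt while polling
 * restores the interrupt flag and returns without reloading.
 */
@Override
public synchronized void run() {
    final KeyPair userKeyPair = loadOrCreateKeyPair(config.getUserKeySize(), config.getUserKeyLocation());
    final KeyPair domainKeyPair = loadOrCreateKeyPair(config.getDomainKeySize(), config.getDomainKey());
    final Session session = new Session(config.getEndpoint());
    try {
        final Account account = new AccountBuilder().agreeToTermsOfService().useKeyPair(userKeyPair).create(session);

        // Split the comma-separated setting once and use the same names for the order and
        // the CSR. Passing the raw string to the CSR would add a single name containing
        // commas, which cannot match a multi-domain order.
        final String[] domains = config.getDomains().trim().split(",");
        for (int i = 0; i < domains.length; i++) {
            domains[i] = domains[i].trim();
        }

        final Order order = account.newOrder().domains(domains).create();

        // Every authorization is attempted; a failing one is logged and counted as false.
        // The run continues only if at least one authorize(...) call returned true.
        final boolean updated = order.getAuthorizations().stream().map(authorization -> {
            try {
                return authorize(authorization);
            } catch (final AcmeException e) {
                getLogger().error(e.getMessage(), e);
                return false;
            }
        }).reduce(false, (previous, val) -> previous || val);
        if (!updated) {
            return;
        }

        final CSRBuilder csrBuilder = new CSRBuilder();
        csrBuilder.addDomains(domains);
        csrBuilder.sign(domainKeyPair);
        // NOTE(review): the CSR is written to the path returned by getDomainCertificate(),
        // while the issued certificate goes to getDomainChain() below - confirm that these
        // are the files the TLS configuration expects.
        try (final Writer writer = new BufferedWriter(new FileWriter(config.getDomainCertificate()))) {
            csrBuilder.write(writer);
        }
        order.execute(csrBuilder.getEncoded());

        try {
            int attempts = config.getRetryCount();
            while (order.getStatus() != Status.VALID && attempts-- > 0) {
                if (order.getStatus() == Status.INVALID) {
                    throw new AcmeException("Order failed... Giving up.");
                }
                Thread.sleep(config.getRetryTimeoutMs());
                order.update();
            }
        } catch (final InterruptedException ex) {
            getLogger().error(ex.getMessage());
            Thread.currentThread().interrupt();
            return;
        }

        // The loop also ends when the retries run out (or the last update reported
        // INVALID). Stop here instead of overwriting the chain file and reloading TLS
        // with an order that never became valid.
        if (order.getStatus() != Status.VALID) {
            throw new AcmeException("Order did not become valid (status " + order.getStatus() + ")... Giving up.");
        }
        final Certificate certificate = order.getCertificate();
        if (certificate == null) {
            throw new AcmeException("Order is valid but no certificate is available... Giving up.");
        }

        getLogger().info("Got new certificate " + certificate.getLocation() + " for domain(s) " + config.getDomains());
        // NOTE(review): the chain file is overwritten in place; a failure during this write
        // leaves a truncated file on disk, although the reload below is then skipped.
        try (final Writer writer = new BufferedWriter(new FileWriter(config.getDomainChain()))) {
            certificate.writeCertificate(writer);
        }
        protocol.reloadSslHostConfigs();
    } catch (final AcmeException | IOException ex) {
        getLogger().error(ex.getMessage(), ex);
    }
}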
use of org.shredzone.acme4j.Session in project stdlib by petergeneric.
the class LetsEncryptService method getRegistration.
/**
 * Returns the ACME registration for the main account, creating it on first use.
 *
 * <p>The result is cached in {@code _registration}. On the first call the account key pair
 * is read from the stored {@code LetsEncryptAccountEntity}, or generated and saved when no
 * entity exists yet. The registration is then created, or bound to the existing one when
 * the CA reports a conflict.
 *
 * @return the cached or newly established registration
 * @throws RuntimeException if the key pair cannot be created, loaded or saved, or if
 *         registering with the CA fails
 */
public Registration getRegistration() {
    if (_registration != null) {
        return _registration;
    }

    final LetsEncryptAccountEntity stored = accountDao.getById(LetsEncryptAccountEntity.MAIN_ACCOUNT_ID);
    final KeyPair keypair;
    try {
        if (stored == null) {
            // First use: generate the account key and persist it so later runs reuse it.
            keypair = KeyPairUtils.createKeyPair(REGISTRATION_KEY_SIZE);
            final ByteArrayOutputStream serialised = new ByteArrayOutputStream();
            KeyPairUtils.writeKeyPair(keypair, new OutputStreamWriter(serialised, StandardCharsets.UTF_8));

            // NOTE(review): the account private key is handed to the DAO exactly as
            // serialised; whether it is encrypted at rest is not visible here - confirm.
            final LetsEncryptAccountEntity created = new LetsEncryptAccountEntity();
            created.setId(LetsEncryptAccountEntity.MAIN_ACCOUNT_ID);
            created.setKeypair(serialised.toByteArray());
            accountDao.save(created);
        } else {
            final InputStreamReader reader =
                    new InputStreamReader(new ByteArrayInputStream(stored.getKeypair()), StandardCharsets.UTF_8);
            keypair = KeyPairUtils.readKeyPair(reader);
        }
    } catch (IOException e) {
        throw new RuntimeException("Error creating/loading/saving Let's Encrypt Registration Keypair", e);
    }

    final Session session = new Session(acmeServerUri, keypair);
    final Registration established;
    try {
        Registration candidate;
        try {
            candidate = new RegistrationBuilder().create(session);
        } catch (AcmeConflictException ex) {
            // The CA already knows this key: attach to the registration it points at.
            candidate = Registration.bind(session, ex.getLocation());
        }
        // Re-submits whatever agreement the CA currently reports, i.e. agreement updates
        // are accepted automatically, without an operator seeing them.
        candidate.modify().setAgreement(candidate.getAgreement()).commit();
        established = candidate;
    } catch (Exception e) {
        throw new RuntimeException("Unexpected error registering with ACME CA", e);
    }

    _registration = established;
    return _registration;
}
use of org.shredzone.acme4j.Session in project webpieces by deanhiller.
the class AcmeClientProxy method fetchRemoteInfo.
// TODO: Put the remote request INTO a different pool to not hold up the webserver main
// threadpool so only synchronous requests will hold up synchronous requests
/**
 * Reads the terms-of-service URI and the website URL from the metadata of the ACME
 * provider configured in {@code config.getProviderLocation()}.
 *
 * <p>The work is done on the calling thread; the returned future is already completed.
 *
 * @return a completed future holding the provider's {@code AcmeInfo}
 */
public XFuture<AcmeInfo> fetchRemoteInfo() {
    try {
        final Metadata providerMetadata = new Session(config.getProviderLocation()).getMetadata();
        final AcmeInfo info = new AcmeInfo(providerMetadata.getTermsOfService(), providerMetadata.getWebsite());
        return XFuture.completedFuture(info);
    } catch (AcmeException e) {
        // Rethrown as-is through SneakyThrow, so callers see the AcmeException itself.
        throw SneakyThrow.sneak(e);
    }
}
use of org.shredzone.acme4j.Session in project webpieces by deanhiller.
the class AcmeClientProxy method openAccount.
// TODO: Put the remote request INTO a different pool to not hold up the webserver main
// threadpool so only synchronous requests will hold up synchronous requests
/**
 * Creates an ACME account for the given contact e-mail and key pair, agreeing to the
 * terms of service, and returns the account's location URL.
 *
 * <p>The work is done on the calling thread; the returned future is already completed.
 *
 * @param email          contact address, registered as {@code mailto:<email>}; it is used
 *                       as given, without validation
 * @param accountKeyPair key pair that identifies the account towards the CA
 * @return a completed future holding the account location
 */
public XFuture<URL> openAccount(String email, KeyPair accountKeyPair) {
    try {
        log.info("open account");
        // NOTE(review): the endpoint is hard-coded to Let's Encrypt staging, whereas
        // fetchRemoteInfo() reads config.getProviderLocation(). The terms of service shown
        // to the user and the CA the account is opened at can therefore differ - confirm.
        final Session acmeSession = new Session("acme://letsencrypt.org/staging");
        final AccountBuilder registration = new AccountBuilder()
                .addContact("mailto:" + email)
                .agreeToTermsOfService()
                .useKeyPair(accountKeyPair);
        final URL accountLocation = registration.create(acmeSession).getLocation();
        log.info("account location=" + accountLocation);
        return XFuture.completedFuture(accountLocation);
    } catch (AcmeException e) {
        // Rethrown as-is through SneakyThrow, so callers see the AcmeException itself.
        throw SneakyThrow.sneak(e);
    }
}
use of org.shredzone.acme4j.Session in project webpieces by deanhiller.
the class AcmeClientProxy method placeOrder.
// TODO: Put the remote request INTO a different pool to not hold up the webserver main
// threadpool so only synchronous requests will hold up synchronous requests
/**
* @return The list of challenges, with the tokens to create webpages for, that the remote end will call to verify we own the domain
*/
public XFuture<ProxyOrder> placeOrder(URL accountUrl, KeyPair accountKeyPair) {
    // Logs in to the existing account, creates an order and wraps each of its
    // authorizations in a ProxyAuthorization. Runs on the calling thread; the returned
    // future is already completed.
    try {
        log.info("reestablish account from location=" + accountUrl + " and keypair");
        // NOTE(review): the endpoint is hard-coded to Let's Encrypt staging rather than
        // taken from config.getProviderLocation() as in fetchRemoteInfo() - confirm.
        final Session acmeSession = new Session("acme://letsencrypt.org/staging");
        final Account account = acmeSession.login(accountUrl, accountKeyPair).getAccount();

        log.info("create an order");
        // NOTE(review): placeholder domain; every order is placed for this fixed name
        // and not for a domain supplied by the caller.
        final String domainTemp = "something.com";
        final Order order = account.newOrder().domain(domainTemp).create();
        checkAuthStatii(order);

        final List<ProxyAuthorization> wrapped = new ArrayList<>();
        for (final Authorization authorization : order.getAuthorizations()) {
            wrapped.add(new ProxyAuthorization(authorization));
        }
        return XFuture.completedFuture(new ProxyOrder(order, wrapped));
    } catch (AcmeException e) {
        // Rethrown as-is through SneakyThrow, so callers see the AcmeException itself.
        throw SneakyThrow.sneak(e);
    }
}