
Example 1 with TrustStoreDTO

use of org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO in project carbon-apimgt by wso2.

the class CertificateMgtUtils method getListenerProfileTrustStore.

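/**
 * Builds the trust store descriptor for the SSL listener profile configuration.
 *
 * <p>The first {@code profile} element is the default choice. A later profile whose
 * {@code bindAddress} is {@code 0.0.0.0} replaces it; the {@code bindAddress} of the first
 * profile is never inspected. When no profile path is configured, the document has no
 * {@code profile} children, or the chosen profile has no {@code TrustStore} element, the
 * result of {@code getParentTrustStore()} is returned instead.
 *
 * @return the trust store location, type and password taken from the chosen profile, or the
 *         parent trust store when the profile configuration does not supply one
 * @throws FileNotFoundException if the profile configuration file cannot be opened
 * @throws XMLStreamException    if the file cannot be parsed, or if a {@code TrustStore} element
 *                               lacks {@code Location} or {@code Type}
 */
private static TrustStoreDTO getListenerProfileTrustStore() throws FileNotFoundException, XMLStreamException {
    String fullPath = getSSLListenerProfilePath();
    if (!StringUtils.isNotEmpty(fullPath)) {
        return getParentTrustStore();
    }
    // NOTE(review): the builder is given a file path and nothing in this method closes whatever it
    // opened; confirm whether the builder needs an explicit close on this code path.
    OMElement customSSLProfilesOmElement = new StAXOMBuilder(fullPath).getDocumentElement();
    if (customSSLProfilesOmElement == null) {
        return getParentTrustStore();
    }
    // Create the resolver only once the document element is known to exist.
    SecretResolver secretResolver = SecretResolverFactory.create(customSSLProfilesOmElement, true);
    Iterator<?> profileIterator = customSSLProfilesOmElement.getChildrenWithLocalName("profile");
    // A document without any profile used to fail in next() with NoSuchElementException.
    if (profileIterator == null || !profileIterator.hasNext()) {
        return getParentTrustStore();
    }
    OMElement profile = (OMElement) profileIterator.next();
    while (profileIterator.hasNext()) {
        OMElement candidate = (OMElement) profileIterator.next();
        OMElement bindAddress = candidate.getFirstChildWithName(new QName("bindAddress"));
        // A profile without bindAddress is skipped instead of raising NullPointerException.
        if (bindAddress != null && "0.0.0.0".equals(bindAddress.getText())) {
            profile = candidate;
            break;
        }
    }
    if (profile == null) {
        return getParentTrustStore();
    }
    OMElement trustStoreElement = profile.getFirstChildWithName(new QName("TrustStore"));
    if (trustStoreElement == null) {
        return getParentTrustStore();
    }
    OMElement location = trustStoreElement.getFirstChildWithName(new QName("Location"));
    OMElement type = trustStoreElement.getFirstChildWithName(new QName("Type"));
    if (location == null || type == null) {
        // Fail closed: a half-written TrustStore element is reported as a configuration error
        // rather than silently swapped for a different trust store.
        throw new XMLStreamException(
                "TrustStore element in " + fullPath + " must contain both Location and Type");
    }
    String path = getFullPath(location.getText());
    OMElement passwordElement = trustStoreElement.getFirstChildWithName(new QName("Password"));
    // An absent Password element yields an empty password, as before.
    String resolvedValue = "";
    if (passwordElement != null) {
        resolvedValue = MiscellaneousUtil.resolve(passwordElement, secretResolver);
    }
    // The resolved password exists as a String before it is copied to char[], so clearing the
    // array later does not remove every in-memory copy of the secret.
    return new TrustStoreDTO(path, type.getText(), resolvedValue.toCharArray());
}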
Also used : SecretResolver(org.wso2.securevault.SecretResolver) TrustStoreDTO(org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO) QName(javax.xml.namespace.QName) Iterator(java.util.Iterator) OMElement(org.apache.axiom.om.OMElement) StAXOMBuilder(org.apache.axiom.om.impl.builder.StAXOMBuilder)

Example 2 with TrustStoreDTO

use of org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO in project carbon-apimgt by wso2.

the class CertificateMgtUtils method getSenderProfileTrustStore.

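/**
 * Builds the trust store descriptor for the SSL sender profile configuration.
 *
 * <p>The first {@code profile} element is the default choice. A later profile whose
 * {@code servers} value is {@code *} replaces it; the {@code servers} value of the first
 * profile is never inspected. When no profile path is configured, the document has no
 * {@code profile} children, or the chosen profile has no {@code TrustStore} element, the
 * result of {@code getParentTrustStore()} is returned instead.
 *
 * @return the trust store location, type and password taken from the chosen profile, or the
 *         parent trust store when the profile configuration does not supply one
 * @throws FileNotFoundException if the profile configuration file cannot be opened
 * @throws XMLStreamException    if the file cannot be parsed, or if a {@code TrustStore} element
 *                               lacks {@code Location} or {@code Type}
 */
private static TrustStoreDTO getSenderProfileTrustStore() throws FileNotFoundException, XMLStreamException {
    String fullPath = getSSLSenderProfilePath();
    if (!StringUtils.isNotEmpty(fullPath)) {
        return getParentTrustStore();
    }
    // NOTE(review): the builder is given a file path and nothing in this method closes whatever it
    // opened; confirm whether the builder needs an explicit close on this code path.
    OMElement customSSLProfilesOmElement = new StAXOMBuilder(fullPath).getDocumentElement();
    if (customSSLProfilesOmElement == null) {
        return getParentTrustStore();
    }
    // Create the resolver only once the document element is known to exist.
    SecretResolver secretResolver = SecretResolverFactory.create(customSSLProfilesOmElement, true);
    Iterator<?> profileIterator = customSSLProfilesOmElement.getChildrenWithLocalName("profile");
    // A document without any profile used to fail in next() with NoSuchElementException.
    if (profileIterator == null || !profileIterator.hasNext()) {
        return getParentTrustStore();
    }
    OMElement profile = (OMElement) profileIterator.next();
    while (profileIterator.hasNext()) {
        OMElement candidate = (OMElement) profileIterator.next();
        OMElement servers = candidate.getFirstChildWithName(new QName("servers"));
        // A profile without a servers element is skipped instead of raising NullPointerException.
        if (servers != null && "*".equals(servers.getText())) {
            profile = candidate;
            break;
        }
    }
    if (profile == null) {
        return getParentTrustStore();
    }
    OMElement trustStoreElement = profile.getFirstChildWithName(new QName("TrustStore"));
    if (trustStoreElement == null) {
        return getParentTrustStore();
    }
    OMElement location = trustStoreElement.getFirstChildWithName(new QName("Location"));
    OMElement type = trustStoreElement.getFirstChildWithName(new QName("Type"));
    if (location == null || type == null) {
        // Fail closed: a half-written TrustStore element is reported as a configuration error
        // rather than silently swapped for a different trust store.
        throw new XMLStreamException(
                "TrustStore element in " + fullPath + " must contain both Location and Type");
    }
    String path = getFullPath(location.getText());
    OMElement passwordElement = trustStoreElement.getFirstChildWithName(new QName("Password"));
    // An absent Password element yields an empty password, as before.
    String resolvedValue = "";
    if (passwordElement != null) {
        resolvedValue = MiscellaneousUtil.resolve(passwordElement, secretResolver);
    }
    // The resolved password exists as a String before it is copied to char[], so clearing the
    // array later does not remove every in-memory copy of the secret.
    return new TrustStoreDTO(path, type.getText(), resolvedValue.toCharArray());
}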
Also used : SecretResolver(org.wso2.securevault.SecretResolver) TrustStoreDTO(org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO) QName(javax.xml.namespace.QName) Iterator(java.util.Iterator) OMElement(org.apache.axiom.om.OMElement) StAXOMBuilder(org.apache.axiom.om.impl.builder.StAXOMBuilder)

Example 3 with TrustStoreDTO

use of org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO in project carbon-apimgt by wso2.

the class CertificateReLoader method run.

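/**
 * Reloads the listener trust store when the trust store file's modification time differs from
 * the last recorded one, and publishes the loaded store through {@code ServiceReferenceHolder}.
 *
 * <p>Does nothing when {@code CertificateReLoaderUtil.getTrustStore()} returns {@code null}.
 * Load failures are logged and not rethrown.
 */
@Override
public void run() {
    TrustStoreDTO trustStoreDTO = CertificateReLoaderUtil.getTrustStore();
    if (trustStoreDTO == null) {
        return;
    }
    File trustStoreFile = new File(trustStoreDTO.getLocation());
    try {
        long lastUpdatedTimeStamp = CertificateReLoaderUtil.getLastUpdatedTimeStamp();
        long lastModified = trustStoreFile.lastModified();
        if (lastUpdatedTimeStamp == lastModified) {
            return;
        }
        // NOTE(review): the timestamp is recorded before the load is known to succeed, so a
        // failed load (for example a file caught mid-write) is not retried until the file changes
        // again and the previously published trust store stays in use. Confirm this is intended.
        CertificateReLoaderUtil.setLastUpdatedTimeStamp(lastModified);
        // try-with-resources closes the stream on every path; it was previously never closed.
        try (FileInputStream localTrustStoreStream = new FileInputStream(trustStoreFile)) {
            // NOTE(review): the JVM default keystore type is used here; verify it matches the
            // type configured for this trust store.
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(localTrustStoreStream, trustStoreDTO.getPassword());
            ServiceReferenceHolder.getInstance().setListenerTrustStore(trustStore);
        }
    } catch (KeyStoreException | CertificateException | IOException | NoSuchAlgorithmException e) {
        log.error("Unable to find the certificate", e);
    }
}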
Also used : TrustStoreDTO(org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO) CertificateException(java.security.cert.CertificateException) KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) File(java.io.File) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream)

Example 4 with TrustStoreDTO

use of org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO in project carbon-apimgt by wso2.

the class CertificateMgtUtils method backupOriginalTrustStore.

/**
 * Copies the sender and listener profile trust stores to backup files in the directory of each
 * original and hands every backup path to the matching
 * {@code update...ProfileTrustStoreLocation} call.
 *
 * <p>When both profiles name the same location, one copy named {@code COMMON_CERT_NAME} is made
 * and both profiles are updated with it. Otherwise each store that exists on disk is copied under
 * its own name. Any earlier backup at the destination is passed to
 * {@code deletePreviousBackupJKSFile} first.
 *
 * @throws CertificateManagementException if reading the profile configuration or copying a file
 *                                        fails
 */
public static void backupOriginalTrustStore() throws CertificateManagementException {
    try {
        TrustStoreDTO senderStore = getSenderProfileTrustStore();
        TrustStoreDTO listenerStore = getListenerProfileTrustStore();
        File senderFile = new File(senderStore.getLocation());
        boolean sharedStore = senderStore.getLocation().equals(listenerStore.getLocation());

        if (sharedStore) {
            // One physical trust store serves both profiles: back it up once.
            // NOTE(review): unlike the separate-store path below, this path does not check that
            // the source file exists before copying.
            String sharedBackupPath = senderFile.getParent() + File.separator + COMMON_CERT_NAME;
            File sharedBackup = new File(sharedBackupPath);
            deletePreviousBackupJKSFile(sharedBackup);
            FileUtils.copyFile(senderFile, sharedBackup);
            updateSenderProfileTrustStoreLocation(sharedBackupPath);
            updateListenerProfileTrustStoreLocation(sharedBackupPath);
            return;
        }

        if (senderFile.exists()) {
            String senderBackupPath = senderFile.getParent() + File.separator + SENDER_PROFILE_JKS_NAME;
            File senderBackup = new File(senderBackupPath);
            deletePreviousBackupJKSFile(senderBackup);
            FileUtils.copyFile(senderFile, senderBackup);
            updateSenderProfileTrustStoreLocation(senderBackupPath);
        }

        File listenerFile = new File(listenerStore.getLocation());
        if (listenerFile.exists()) {
            String listenerBackupPath = listenerFile.getParent() + File.separator + LISTER_PROFILE_JKS_NAME;
            File listenerBackup = new File(listenerBackupPath);
            deletePreviousBackupJKSFile(listenerBackup);
            FileUtils.copyFile(listenerFile, listenerBackup);
            updateListenerProfileTrustStoreLocation(listenerBackupPath);
        }
    } catch (XMLStreamException | IOException cause) {
        throw new CertificateManagementException("Error while backup truststore", cause);
    }
}
Also used : XMLStreamException(javax.xml.stream.XMLStreamException) TrustStoreDTO(org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO) CertificateManagementException(org.wso2.carbon.apimgt.impl.certificatemgt.exceptions.CertificateManagementException) IOException(java.io.IOException) File(java.io.File)

Example 5 with TrustStoreDTO

use of org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO in project carbon-apimgt by wso2.

the class CertificateMgtUtils method startListenerCertificateReLoader.

/**
 * Loads the listener profile trust store from disk, records its modification time and descriptor
 * with {@code CertificateReLoaderUtil}, starts the certificate reloader and then publishes the
 * loaded store through {@code ServiceReferenceHolder}.
 *
 * <p>Failures while reading the configuration or loading the store are logged and not rethrown.
 */
public static void startListenerCertificateReLoader() {
    try {
        TrustStoreDTO listenerStore = getListenerProfileTrustStore();
        File storeFile = new File(listenerStore.getLocation());
        try (FileInputStream storeStream = new FileInputStream(storeFile)) {
            // NOTE(review): the JVM default keystore type is used here; verify it matches the
            // type configured for the listener trust store.
            String keyStoreType = KeyStore.getDefaultType();
            KeyStore loadedStore = KeyStore.getInstance(keyStoreType);
            char[] storePassword = listenerStore.getPassword();
            loadedStore.load(storeStream, storePassword);

            // The reloader state is populated before the reloader is started.
            long modifiedAt = storeFile.lastModified();
            CertificateReLoaderUtil.setLastUpdatedTimeStamp(modifiedAt);
            CertificateReLoaderUtil.setCertificate(listenerStore);
            CertificateReLoaderUtil.startCertificateReLoader();

            ServiceReferenceHolder holder = ServiceReferenceHolder.getInstance();
            holder.setListenerTrustStore(loadedStore);
        }
    } catch (IOException | KeyStoreException | CertificateException | NoSuchAlgorithmException
            | XMLStreamException failure) {
        log.error("Error in loading trust store.", failure);
    }
}
Also used : XMLStreamException(javax.xml.stream.XMLStreamException) TrustStoreDTO(org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) File(java.io.File) KeyStore(java.security.KeyStore) FileInputStream(java.io.FileInputStream)

Aggregations

TrustStoreDTO (org.wso2.carbon.apimgt.impl.dto.TrustStoreDTO)5 File (java.io.File)3 IOException (java.io.IOException)3 FileInputStream (java.io.FileInputStream)2 KeyStore (java.security.KeyStore)2 KeyStoreException (java.security.KeyStoreException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 CertificateException (java.security.cert.CertificateException)2 Iterator (java.util.Iterator)2 QName (javax.xml.namespace.QName)2 XMLStreamException (javax.xml.stream.XMLStreamException)2 OMElement (org.apache.axiom.om.OMElement)2 StAXOMBuilder (org.apache.axiom.om.impl.builder.StAXOMBuilder)2 SecretResolver (org.wso2.securevault.SecretResolver)2 CertificateManagementException (org.wso2.carbon.apimgt.impl.certificatemgt.exceptions.CertificateManagementException)1