use of org.xipki.ca.server.impl.store.CertificateStore in project xipki by xipki.
the class CaManagerImpl method init.
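/**
 * Initializes the CA manager from the CA configuration file.
 *
 * <p>In order: checks that the required collaborators are set, loads {@code caConfFile},
 * resolves {@code ca.mode} and {@code ca.shardId}, opens every {@code datasource.*} entry
 * (unless datasources were already populated), prepares the query executor and the
 * environment parameters, resolves the epoch, creates the certificate store and finally
 * runs the individual {@code init*} steps.
 *
 * @throws IllegalStateException if a required factory, register or {@code caConfFile} is
 *     not set
 * @throws CaMgmtException if the configuration cannot be read, {@code ca.mode} or
 *     {@code ca.shardId} is invalid, a datasource cannot be opened, no datasource named
 *     {@code ca} exists, the epoch is missing in slave mode, or the certificate store
 *     cannot be created
 */
private void init() throws CaMgmtException {
    // Fail fast on missing wiring before any file or database is touched.
    if (securityFactory == null) {
        throw new IllegalStateException("securityFactory is not set");
    }
    if (datasourceFactory == null) {
        throw new IllegalStateException("datasourceFactory is not set");
    }
    if (x509CertProfileFactoryRegister == null) {
        throw new IllegalStateException("x509CertProfileFactoryRegister is not set");
    }
    if (x509CertPublisherFactoryRegister == null) {
        throw new IllegalStateException("x509CertPublisherFactoryRegister is not set");
    }
    if (caConfFile == null) {
        throw new IllegalStateException("caConfFile is not set");
    }

    Properties caConfProps = new Properties();
    // try-with-resources: the stream is closed on success and on a failed load, so no
    // file descriptor is left open on the configuration file.
    try (FileInputStream confStream = new FileInputStream(IoUtil.expandFilepath(caConfFile))) {
        caConfProps.load(confStream);
    } catch (IOException ex) {
        throw new CaMgmtException("could not parse CA configuration " + caConfFile, ex);
    }

    // A missing ca.mode means master: an instance without the property takes the master
    // path below (lockCa, epoch and requestor setup), so slaves must set it explicitly.
    String caModeStr = caConfProps.getProperty("ca.mode");
    if (caModeStr == null || "master".equalsIgnoreCase(caModeStr)) {
        masterMode = true;
    } else if ("slave".equalsIgnoreCase(caModeStr)) {
        masterMode = false;
    } else {
        throw new CaMgmtException(concat("invalid ca.mode '", caModeStr, "'"));
    }

    String shardIdStr = caConfProps.getProperty("ca.shardId");
    if (StringUtil.isBlank(shardIdStr)) {
        throw new CaMgmtException("ca.shardId is not set");
    }
    LOG.info("ca.shardId: {}", shardIdStr);

    int shardId;
    try {
        shardId = Integer.parseInt(shardIdStr);
    } catch (NumberFormatException ex) {
        // Keep the cause so the stack trace shows why the value was rejected.
        throw new CaMgmtException(concat("invalid ca.shardId '", shardIdStr, "'"), ex);
    }
    if (shardId < 0 || shardId > 127) {
        throw new CaMgmtException("ca.shardId is not in [0, 127]");
    }

    if (this.datasources == null) {
        // NOTE(review): if one datasource fails below, this.datasources stays non-null and
        // partially filled, so a later init() call skips this loop. Confirm that callers
        // discard or reset this instance after a failed init.
        this.datasources = new ConcurrentHashMap<>();
        for (Object objKey : caConfProps.keySet()) {
            String key = (String) objKey;
            if (!StringUtil.startsWithIgnoreCase(key, "datasource.")) {
                continue;
            }

            String datasourceFile = caConfProps.getProperty(key);
            try {
                String datasourceName = key.substring("datasource.".length());
                DataSourceWrapper datasource = datasourceFactory.createDataSourceForFile(
                        datasourceName, datasourceFile, securityFactory.getPasswordResolver());
                // Borrow and return one connection so that an unusable datasource is
                // reported here, at startup, rather than on first use.
                Connection conn = datasource.getConnection();
                datasource.returnConnection(conn);
                this.datasources.put(datasourceName, datasource);
            } catch (DataAccessException | PasswordResolverException | IOException
                    | RuntimeException ex) {
                // NOTE(review): ex.getMessage() comes from the datasource and password
                // resolver layers. Confirm that it cannot carry connection details that
                // should stay out of logs and management responses.
                throw new CaMgmtException(concat(ex.getClass().getName(),
                        " while parsing datasource ", datasourceFile, ": ", ex.getMessage()), ex);
            }
        }
        this.datasource = this.datasources.get("ca");
    }

    if (this.datasource == null) {
        throw new CaMgmtException("no datasource named 'ca' configured");
    }

    this.queryExecutor = new CaManagerQueryExecutor(this.datasource);
    initEnvironmentParamters();

    String envEpoch = envParameterResolver.getParameter(ENV_EPOCH);
    if (masterMode) {
        lockCa(true);
        if (envEpoch == null) {
            // First start: store an epoch one day before the current time.
            final long day = 24L * 60 * 60 * 1000;
            envEpoch = queryExecutor.setEpoch(new Date(System.currentTimeMillis() - day));
            LOG.info("set environment {} to {}", ENV_EPOCH, envEpoch);
        }
        queryExecutor.addRequestorIfNeeded(RequestorInfo.NAME_BY_CA);
        queryExecutor.addRequestorIfNeeded(RequestorInfo.NAME_BY_USER);
    } else if (envEpoch == null) {
        // A slave never writes the epoch; it depends on a master having stored it.
        throw new CaMgmtException("The CA system must be started first with ca.mode = master");
    }

    LOG.info("use EPOCH: {}", envEpoch);
    long epoch = DateUtil.parseUtcTimeyyyyMMdd(envEpoch).getTime();
    // The id generator is seeded with the shared epoch and this instance's shard id.
    UniqueIdGenerator idGen = new UniqueIdGenerator(epoch, shardId);
    try {
        this.certstore = new CertificateStore(datasource, idGen);
    } catch (DataAccessException ex) {
        throw new CaMgmtException(ex.getMessage(), ex);
    }

    initCaAliases();
    initCertprofiles();
    initPublishers();
    initCmpControls();
    initRequestors();
    initResponders();
    initCrlSigners();
    initCas();
    initSceps();
}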