
Example 1 with CertificateStore

use of org.xipki.ca.server.impl.store.CertificateStore in project xipki by xipki.

The method init of the class CaManagerImpl.

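/**
 * Reads the CA configuration file and initialises this manager from it: operating mode,
 * shard id, datasources, query executor, epoch, certificate store and the CA entities.
 *
 * <p>Configuration keys read here: {@code ca.mode} ({@code master} or {@code slave},
 * case-insensitive), {@code ca.shardId} (integer in [0, 127]) and every key starting with
 * {@code datasource.}; a datasource named {@code ca} is mandatory.
 *
 * @throws IllegalStateException if securityFactory, datasourceFactory, either factory
 *         register or caConfFile has not been set
 * @throws CaMgmtException if the configuration cannot be read or is invalid, a datasource
 *         cannot be created or connected to, the epoch is missing in slave mode, or the
 *         certificate store cannot be created
 */
private void init() throws CaMgmtException {
    // Fail fast on missing collaborators before touching the file system or a database.
    if (securityFactory == null) {
        throw new IllegalStateException("securityFactory is not set");
    }
    if (datasourceFactory == null) {
        throw new IllegalStateException("datasourceFactory is not set");
    }
    if (x509CertProfileFactoryRegister == null) {
        throw new IllegalStateException("x509CertProfileFactoryRegister is not set");
    }
    if (x509CertPublisherFactoryRegister == null) {
        throw new IllegalStateException("x509CertPublisherFactoryRegister is not set");
    }
    if (caConfFile == null) {
        throw new IllegalStateException("caConfFile is not set");
    }

    Properties caConfProps = new Properties();
    // try-with-resources: the stream is closed on success and on failure, so the file
    // handle does not leak when load() throws.
    try (FileInputStream confStream = new FileInputStream(IoUtil.expandFilepath(caConfFile))) {
        caConfProps.load(confStream);
    } catch (IOException ex) {
        throw new CaMgmtException("could not parse CA configuration " + caConfFile, ex);
    }

    // An absent ca.mode means master. Only an unrecognised *value* is rejected, so a
    // misspelled key name silently starts this instance as master; the mode is not logged
    // here, so operators cannot confirm it from this method's log output.
    String caModeStr = caConfProps.getProperty("ca.mode");
    if (caModeStr == null || "master".equalsIgnoreCase(caModeStr)) {
        masterMode = true;
    } else if ("slave".equalsIgnoreCase(caModeStr)) {
        masterMode = false;
    } else {
        throw new CaMgmtException(concat("invalid ca.mode '", caModeStr, "'"));
    }

    String shardIdStr = caConfProps.getProperty("ca.shardId");
    if (StringUtil.isBlank(shardIdStr)) {
        throw new CaMgmtException("ca.shardId is not set");
    }
    LOG.info("ca.shardId: {}", shardIdStr);

    int shardId;
    try {
        shardId = Integer.parseInt(shardIdStr);
    } catch (NumberFormatException ex) {
        // Keep the parse failure as the cause so the stack trace is not lost.
        throw new CaMgmtException(concat("invalid ca.shardId '", shardIdStr, "'"), ex);
    }
    // The shard id is later combined with the epoch in UniqueIdGenerator.
    // NOTE(review): presumably each instance sharing a database needs its own shardId to
    // keep generated ids distinct — nothing here checks that; confirm in deployment docs.
    if (shardId < 0 || shardId > 127) {
        throw new CaMgmtException("ca.shardId is not in [0, 127]");
    }

    if (this.datasources == null) {
        this.datasources = new ConcurrentHashMap<>();
        for (Object objKey : caConfProps.keySet()) {
            String key = (String) objKey;
            if (!StringUtil.startsWithIgnoreCase(key, "datasource.")) {
                continue;
            }
            String datasourceFile = caConfProps.getProperty(key);
            try {
                String datasourceName = key.substring("datasource.".length());
                // The password resolver is handed to the factory together with the
                // datasource file.
                DataSourceWrapper datasource = datasourceFactory.createDataSourceForFile(
                        datasourceName, datasourceFile, securityFactory.getPasswordResolver());
                // Borrow and return one connection so an unreachable or misconfigured
                // database is reported at start-up rather than on first use.
                Connection conn = datasource.getConnection();
                datasource.returnConnection(conn);
                this.datasources.put(datasourceName, datasource);
            } catch (DataAccessException | PasswordResolverException | IOException
                    | RuntimeException ex) {
                // NOTE(review): the message embeds the datasource file path and the
                // underlying exception text; confirm neither can carry credentials before
                // this reaches logs or a management client.
                // NOTE(review): on failure this.datasources stays non-null with the entries
                // added so far, so a repeated init() skips this block entirely.
                throw new CaMgmtException(concat(ex.getClass().getName(),
                        " while parsing datasource ", datasourceFile, ": ", ex.getMessage()), ex);
            }
        }
        this.datasource = this.datasources.get("ca");
    }
    if (this.datasource == null) {
        throw new CaMgmtException("no datasource named 'ca' configured");
    }

    this.queryExecutor = new CaManagerQueryExecutor(this.datasource);
    initEnvironmentParamters();
    String envEpoch = envParameterResolver.getParameter(ENV_EPOCH);
    if (masterMode) {
        // NOTE(review): lockCa(true) looks like the guard against a second master on the
        // same database — its semantics are not visible here; confirm.
        lockCa(true);
        if (envEpoch == null) {
            // First start: record an epoch one day before the current time.
            final long day = 24L * 60 * 60 * 1000;
            envEpoch = queryExecutor.setEpoch(new Date(System.currentTimeMillis() - day));
            LOG.info("set environment {} to {}", ENV_EPOCH, envEpoch);
        }
        queryExecutor.addRequestorIfNeeded(RequestorInfo.NAME_BY_CA);
        queryExecutor.addRequestorIfNeeded(RequestorInfo.NAME_BY_USER);
    } else if (envEpoch == null) {
        // A slave never creates the epoch; a master must have written it first.
        throw new CaMgmtException("The CA system must be started first with ca.mode = master");
    }
    LOG.info("use EPOCH: {}", envEpoch);

    long epoch = DateUtil.parseUtcTimeyyyyMMdd(envEpoch).getTime();
    UniqueIdGenerator idGen = new UniqueIdGenerator(epoch, shardId);
    try {
        this.certstore = new CertificateStore(datasource, idGen);
    } catch (DataAccessException ex) {
        throw new CaMgmtException(ex.getMessage(), ex);
    }

    // Load the CA entities; the order is kept exactly as in the original.
    initCaAliases();
    initCertprofiles();
    initPublishers();
    initCmpControls();
    initRequestors();
    initResponders();
    initCrlSigners();
    initCas();
    initSceps();
}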
Also used : Connection(java.sql.Connection) IOException(java.io.IOException) Properties(java.util.Properties) FileInputStream(java.io.FileInputStream) Date(java.util.Date) CaMgmtException(org.xipki.ca.server.mgmt.api.CaMgmtException) CertificateStore(org.xipki.ca.server.impl.store.CertificateStore) PasswordResolverException(org.xipki.password.PasswordResolverException) DataSourceWrapper(org.xipki.datasource.DataSourceWrapper) DataAccessException(org.xipki.datasource.DataAccessException)

Aggregations

FileInputStream (java.io.FileInputStream)1 IOException (java.io.IOException)1 Connection (java.sql.Connection)1 Date (java.util.Date)1 Properties (java.util.Properties)1 CertificateStore (org.xipki.ca.server.impl.store.CertificateStore)1 CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)1 DataAccessException (org.xipki.datasource.DataAccessException)1 DataSourceWrapper (org.xipki.datasource.DataSourceWrapper)1 PasswordResolverException (org.xipki.password.PasswordResolverException)1