use of org.xipki.common.InvalidConfException in project xipki by xipki.
the class CaManagerImpl method initCmpControls.
// method initCrlSigners
private void initCmpControls() throws CaMgmtException {
if (cmpControlInitialized) {
return;
}
cmpControls.clear();
cmpControlDbEntries.clear();
List<String> names = queryExecutor.namesFromTable("CMPCONTROL");
for (String name : names) {
CmpControlEntry cmpControlDb = queryExecutor.createCmpControl(name);
if (cmpControlDb == null) {
continue;
}
cmpControlDb.setFaulty(true);
cmpControlDbEntries.put(name, cmpControlDb);
CmpControl cmpControl;
try {
cmpControl = new CmpControl(cmpControlDb);
cmpControlDb.setFaulty(false);
cmpControls.put(name, cmpControl);
} catch (InvalidConfException ex) {
LogUtil.error(LOG, ex, concat("could not initialize CMP control ", name, ", ignore it"));
}
}
cmpControlInitialized = true;
}
use of org.xipki.common.InvalidConfException in project xipki by xipki.
the class CaManagerImpl method startCa.
// method startCaSystem0
private boolean startCa(String caName) {
X509CaInfo caEntry = caInfos.get(caName);
ConfPairs extraControl = caEntry.getCaEntry().getExtraControl();
if (extraControl != null) {
String str = extraControl.value(RevokeSuspendedCertsControl.KEY_REVOCATION_ENABLED);
boolean enabled = false;
if (str != null) {
enabled = Boolean.parseBoolean(str);
}
if (enabled) {
str = extraControl.value(RevokeSuspendedCertsControl.KEY_REVOCATION_REASON);
CrlReason reason = (str == null) ? CrlReason.CESSATION_OF_OPERATION : CrlReason.forNameOrText(str);
str = extraControl.value(RevokeSuspendedCertsControl.KEY_UNCHANGED_SINCE);
CertValidity unchangedSince = (str == null) ? new CertValidity(15, Unit.DAY) : CertValidity.getInstance(str);
RevokeSuspendedCertsControl control = new RevokeSuspendedCertsControl(reason, unchangedSince);
caEntry.setRevokeSuspendedCertsControl(control);
}
}
boolean signerRequired = caEntry.isSignerRequired();
X509CrlSignerEntryWrapper crlSignerEntry = null;
String crlSignerName = caEntry.getCrlSignerName();
// CRL will be generated only in master mode
if (signerRequired && masterMode && crlSignerName != null) {
crlSignerEntry = crlSigners.get(crlSignerName);
try {
crlSignerEntry.getDbEntry().setConfFaulty(true);
crlSignerEntry.initSigner(securityFactory);
crlSignerEntry.getDbEntry().setConfFaulty(false);
} catch (XiSecurityException | OperationException | InvalidConfException ex) {
LogUtil.error(LOG, ex, concat("X09CrlSignerEntryWrapper.initSigner (name=", crlSignerName, ")"));
return false;
}
}
X509Ca ca;
try {
ca = new X509Ca(this, caEntry, certstore);
ca.setAuditServiceRegister(auditServiceRegister);
} catch (OperationException ex) {
LogUtil.error(LOG, ex, concat("X509CA.<init> (ca=", caName, ")"));
return false;
}
x509cas.put(caName, ca);
X509CaCmpResponderImpl caResponder = new X509CaCmpResponderImpl(this, caName);
x509Responders.put(caName, caResponder);
return true;
}
use of org.xipki.common.InvalidConfException in project xipki by xipki.
the class CaManagerImpl method addCmpControl.
@Override
public void addCmpControl(CmpControlEntry dbEntry) throws CaMgmtException {
ParamUtil.requireNonNull("dbEntry", dbEntry);
asssertMasterMode();
final String name = dbEntry.getName();
if (cmpControlDbEntries.containsKey(name)) {
throw new CaMgmtException(concat("CMP control named ", name, " exists"));
}
CmpControl cmpControl;
try {
cmpControl = new CmpControl(dbEntry);
} catch (InvalidConfException ex) {
LogUtil.error(LOG, ex, "could not add CMP control to certStore");
throw new CaMgmtException(ex);
}
CmpControlEntry tmpDbEntry = cmpControl.getDbEntry();
queryExecutor.addCmpControl(tmpDbEntry);
cmpControls.put(name, cmpControl);
cmpControlDbEntries.put(name, tmpDbEntry);
}
use of org.xipki.common.InvalidConfException in project xipki by xipki.
the class CaManagerQueryExecutor method addCrlSigner.
// method addRequestorToCa
void addCrlSigner(X509CrlSignerEntry dbEntry) throws CaMgmtException {
ParamUtil.requireNonNull("dbEntry", dbEntry);
String crlControl = dbEntry.crlControl();
// validate crlControl
if (crlControl != null) {
try {
new CrlControl(crlControl);
} catch (InvalidConfException ex) {
throw new CaMgmtException(concat("invalid CRL control '", crlControl, "'"));
}
}
String name = dbEntry.getName();
String sql = "INSERT INTO CRLSIGNER (NAME,SIGNER_TYPE,SIGNER_CERT,CRL_CONTROL,SIGNER_CONF)" + " VALUES (?,?,?,?,?)";
PreparedStatement ps = null;
try {
ps = prepareStatement(sql);
int idx = 1;
ps.setString(idx++, name);
ps.setString(idx++, dbEntry.getType());
ps.setString(idx++, (dbEntry.getCert() == null) ? null : Base64.encodeToString(dbEntry.getCert().getEncoded()));
ps.setString(idx++, crlControl);
ps.setString(idx++, dbEntry.getConf());
if (ps.executeUpdate() == 0) {
throw new CaMgmtException("could not add CRL signer " + name);
}
LOG.info("added CRL signer '{}': {}", name, dbEntry.toString(false, true));
} catch (SQLException ex) {
throw new CaMgmtException(datasource, sql, ex);
} catch (CertificateEncodingException ex) {
throw new CaMgmtException(ex);
} finally {
datasource.releaseResources(ps, null);
}
}
use of org.xipki.common.InvalidConfException in project xipki by xipki.
the class CaManagerQueryExecutor method changeCmpControl.
// method changeCertprofile
CmpControl changeCmpControl(String name, String conf) throws CaMgmtException {
ParamUtil.requireNonBlank("name", name);
if (conf == null) {
throw new IllegalArgumentException("nothing to change");
}
CmpControlEntry newDbEntry = new CmpControlEntry(name, conf);
CmpControl cmpControl;
try {
cmpControl = new CmpControl(newDbEntry);
} catch (InvalidConfException ex) {
throw new CaMgmtException(ex);
}
final String sql = "UPDATE CMPCONTROL SET CONF=? WHERE NAME=?";
PreparedStatement ps = null;
try {
ps = prepareStatement(sql);
ps.setString(1, conf);
ps.setString(2, name);
if (ps.executeUpdate() == 0) {
throw new CaMgmtException("could not CMP control " + name);
}
LOG.info("changed CMP control '{}': {}", name, conf);
return cmpControl;
} catch (SQLException ex) {
throw new CaMgmtException(datasource, sql, ex);
} finally {
datasource.releaseResources(ps, null);
}
}
Aggregations