Search in sources :

Example 1 with IssuerFilter

use of org.xipki.ocsp.api.IssuerFilter in project xipki by xipki.

the class DbCertStatusStore method init.

@Override
public void init(String conf, DataSourceWrapper datasource) throws OcspStoreException {
    ParamUtil.requireNonNull("conf", conf);
    this.datasource = ParamUtil.requireNonNull("datasource", datasource);
    sqlCs = datasource.buildSelectFirstSql(1, "NBEFORE,NAFTER,REV,RR,RT,RIT FROM CERT WHERE IID=? AND SN=?");
    sqlCsNoRit = datasource.buildSelectFirstSql(1, "NBEFORE,NAFTER,REV,RR,RT FROM CERT WHERE IID=? AND SN=?");
    sqlCsWithCertHash = datasource.buildSelectFirstSql(1, "NBEFORE,NAFTER,REV,RR,RT,RIT,HASH FROM CERT WHERE IID=? AND SN=?");
    sqlCsNoRitWithCertHash = datasource.buildSelectFirstSql(1, "NBEFORE,NAFTER,REV,RR,RT,HASH FROM CERT WHERE IID=? AND SN=?");
    try {
        this.certHashAlgo = getCertHashAlgo(datasource);
    } catch (DataAccessException ex) {
        throw new OcspStoreException("Could not retrieve the certhash's algorithm from the database", ex);
    }
    StoreConf storeConf = new StoreConf(conf);
    try {
        Set<X509Certificate> includeIssuers = null;
        Set<X509Certificate> excludeIssuers = null;
        if (CollectionUtil.isNonEmpty(storeConf.getCaCertsIncludes())) {
            includeIssuers = parseCerts(storeConf.getCaCertsIncludes());
        }
        if (CollectionUtil.isNonEmpty(storeConf.getCaCertsExcludes())) {
            excludeIssuers = parseCerts(storeConf.getCaCertsExcludes());
        }
        this.issuerFilter = new IssuerFilter(includeIssuers, excludeIssuers);
    } catch (CertificateException ex) {
        throw new OcspStoreException(ex.getMessage(), ex);
    }
    // end try
    initIssuerStore();
    if (this.scheduledThreadPoolExecutor != null) {
        this.scheduledThreadPoolExecutor.shutdownNow();
    }
    StoreUpdateService storeUpdateService = new StoreUpdateService();
    List<Runnable> scheduledServices = getScheduledServices();
    int size = 1;
    if (scheduledServices != null) {
        size += scheduledServices.size();
    }
    this.scheduledThreadPoolExecutor = new ScheduledThreadPoolExecutor(size);
    Random random = new Random();
    this.scheduledThreadPoolExecutor.scheduleAtFixedRate(storeUpdateService, 60 + random.nextInt(60), 60, TimeUnit.SECONDS);
    if (scheduledServices != null) {
        for (Runnable service : scheduledServices) {
            this.scheduledThreadPoolExecutor.scheduleAtFixedRate(service, 60 + random.nextInt(60), 60, TimeUnit.SECONDS);
        }
    }
}
Also used : IssuerFilter(org.xipki.ocsp.api.IssuerFilter) OcspStoreException(org.xipki.ocsp.api.OcspStoreException) ScheduledThreadPoolExecutor(java.util.concurrent.ScheduledThreadPoolExecutor) CertificateException(java.security.cert.CertificateException) X509Certificate(java.security.cert.X509Certificate) Random(java.util.Random) DataAccessException(org.xipki.datasource.DataAccessException)

Aggregations

CertificateException (java.security.cert.CertificateException)1 X509Certificate (java.security.cert.X509Certificate)1 Random (java.util.Random)1 ScheduledThreadPoolExecutor (java.util.concurrent.ScheduledThreadPoolExecutor)1 DataAccessException (org.xipki.datasource.DataAccessException)1 IssuerFilter (org.xipki.ocsp.api.IssuerFilter)1 OcspStoreException (org.xipki.ocsp.api.OcspStoreException)1