Example 1 with ExportCertificateResponse

Use of software.amazon.awssdk.services.acm.model.ExportCertificateResponse in project data-prepper by opensearch-project.

From the class ACMCertificateProvider, method getCertificate.

public Certificate getCertificate() {
    ExportCertificateResponse exportCertificateResponse = null;
    long timeSlept = 0L;
    // The private key from ACM is encrypted. Passphrase is the privateKey password that will be used to decrypt the
    // private key. If it's not provided, generate a random password. The configured passphrase can
    // be used to decrypt the private key manually using openssl commands for any inspection or debugging.
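    // orElseGet defers generation, so a random passphrase is only created when none is configured.
    final String pkPassphrase = Optional.ofNullable(passphrase).orElseGet(() -> generatePassphrase(PASSPHRASE_CHAR_COUNT));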
    while (exportCertificateResponse == null && timeSlept < totalTimeout) {
        try {
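            // Encode the passphrase with an explicit charset rather than the platform default.
            ExportCertificateRequest exportCertificateRequest = ExportCertificateRequest.builder()
                    .certificateArn(acmArn)
                    .passphrase(SdkBytes.fromByteArray(pkPassphrase.getBytes(java.nio.charset.StandardCharsets.UTF_8)))
                    .build();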
            exportCertificateResponse = acmClient.exportCertificate(exportCertificateRequest);
        } catch (final RequestInProgressException ex) {
            try {
                Thread.sleep(SLEEP_INTERVAL);
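            } catch (InterruptedException iex) {
                // Restore the interrupt flag so callers can still observe the interruption.
                Thread.currentThread().interrupt();
                throw new RuntimeException(iex);
            }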
        } catch (final ResourceNotFoundException | InvalidArnException ex) {
            LOG.error("Exception retrieving the certificate with arn: {}", acmArn, ex);
            throw ex;
        }
        timeSlept += SLEEP_INTERVAL;
    }
    if (exportCertificateResponse != null) {
        final String decryptedPrivateKey = getDecryptedPrivateKey(exportCertificateResponse.privateKey(), pkPassphrase);
        return new Certificate(exportCertificateResponse.certificate(), decryptedPrivateKey);
    } else {
        throw new IllegalStateException(String.format(
                "Exception retrieving certificate results. Time spent retrieving certificate is %d ms and total time out set is %d ms.",
                timeSlept, totalTimeout));
    }
}

Also used: RequestInProgressException (software.amazon.awssdk.services.acm.model.RequestInProgressException), ExportCertificateResponse (software.amazon.awssdk.services.acm.model.ExportCertificateResponse), InvalidArnException (software.amazon.awssdk.services.acm.model.InvalidArnException), ExportCertificateRequest (software.amazon.awssdk.services.acm.model.ExportCertificateRequest), ResourceNotFoundException (software.amazon.awssdk.services.acm.model.ResourceNotFoundException), Certificate (com.amazon.dataprepper.plugins.certificate.model.Certificate)
