Package org.nasutekds.server.util

Examples of org.nasutekds.server.util.CertificateManager


      }
    }

    // Create a certificate manager.
    // NOTE(review): new String(trustStorePIN) copies the PIN (presumably held
    // as a char[] - confirm) into an immutable String. That copy cannot be
    // cleared after use and stays on the heap until it is garbage collected,
    // so wiping the original array no longer removes the secret from memory.
    // The CertificateManager constructor is called with a String here, so
    // avoiding the copy would need a change to that API, not to this call.
    certificateManager =
         new CertificateManager(getFileForPath(trustStoreFile).getPath(),
                                trustStoreType,
                                new String(trustStorePIN));

    // Generate a self-signed certificate, if there is none.
    generateInstanceCertificateIfAbsent();


      // Adopt the new trust store settings and rebuild the certificate
      // manager from them.
      // NOTE(review): the previous trustStorePIN reference is overwritten
      // without being cleared, and new String(trustStorePIN) makes a further
      // immutable copy of the new PIN that cannot be wiped (presumably the
      // PIN is a char[] - confirm). Each configuration change therefore
      // leaves another copy of a PIN in memory until garbage collection.
      trustStoreFile = newTrustStoreFile;
      trustStoreType = newTrustStoreType;
      trustStorePIN  = newPIN;
      configuration  = cfg;
      certificateManager =
           new CertificateManager(getFileForPath(trustStoreFile).getPath(),
                                  trustStoreType,
                                  new String(trustStorePIN));
    }


    }
    if (!errorWithPath && pwdProvided)
    {
      try
      {
        CertificateManager certManager;
        switch (type)
        {
          case JKS:
          certManager = new CertificateManager(
              path,
              CertificateManager.KEY_STORE_TYPE_JKS,
              pwd);
          break;

          case JCEKS:
            certManager = new CertificateManager(
                path,
                CertificateManager.KEY_STORE_TYPE_JCEKS,
                pwd);
            break;

          case PKCS12:
          certManager = new CertificateManager(
              path,
              CertificateManager.KEY_STORE_TYPE_PKCS12,
              pwd);
          break;

          case PKCS11:
          certManager = new CertificateManager(
              CertificateManager.KEY_STORE_PATH_PKCS11,
              CertificateManager.KEY_STORE_TYPE_PKCS11,
              pwd);
          break;

          default:
            throw new IllegalArgumentException("Invalid type: "+type);
        }
        String[] aliases = certManager.getCertificateAliases();
        if ((aliases == null) || (aliases.length == 0))
        {
          // Could not retrieve any certificate
          switch (type)
          {
          case JKS:
            errorMessages.add(INFO_JKS_KEYSTORE_DOES_NOT_EXIST.get());
            break;
          case JCEKS:
            errorMessages.add(INFO_JCEKS_KEYSTORE_DOES_NOT_EXIST.get());
            break;
          case PKCS12:
            errorMessages.add(INFO_PKCS12_KEYSTORE_DOES_NOT_EXIST.get());
            break;
          case PKCS11:
            errorMessages.add(INFO_PKCS11_KEYSTORE_DOES_NOT_EXIST.get());
            break;
          default:
            throw new IllegalArgumentException("Invalid type: "+type);
          }
        }
        else if (certManager.hasRealAliases())
        {
          for (int i=0; i<aliases.length; i++)
          {
            nicknameList.add(aliases[i]);
          }

      if (certType != SecurityOptions.CertificateType.NO_CERTIFICATE)
      {
        notifyListeners(getFormattedWithPoints(
            INFO_PROGRESS_UPDATING_CERTIFICATES.get()));
      }
      CertificateManager certManager;
      CertificateManager trustManager;
      File f;
      switch (certType)
      {
      case NO_CERTIFICATE:
        // Nothing to do
        break;
      case SELF_SIGNED_CERTIFICATE:
        String pwd = getSelfSignedCertificatePwd();
        certManager = new CertificateManager(
            getSelfSignedKeystorePath(),
            CertificateManager.KEY_STORE_TYPE_JKS,
            pwd);
        certManager.generateSelfSignedCertificate(SELF_SIGNED_CERT_ALIAS,
            getSelfSignedCertificateSubjectDN(),
            getSelfSignedCertificateValidity());
        SetupUtils.exportCertificate(certManager, SELF_SIGNED_CERT_ALIAS,
            getTemporaryCertificatePath());

        trustManager = new CertificateManager(
            getTrustManagerPath(),
            CertificateManager.KEY_STORE_TYPE_JKS,
            pwd);
        trustManager.addCertificate(SELF_SIGNED_CERT_ALIAS,
            new File(getTemporaryCertificatePath()));
        createProtectedFile(getKeystorePinPath(), pwd);
        f = new File(getTemporaryCertificatePath());
        f.delete();

        break;
      case JKS:
        certManager = new CertificateManager(
            sec.getKeystorePath(),
            CertificateManager.KEY_STORE_TYPE_JKS,
            sec.getKeystorePassword());
        if (aliasInKeyStore != null)
        {
          SetupUtils.exportCertificate(certManager, aliasInKeyStore,
              getTemporaryCertificatePath());
        }
        else
        {
          SetupUtils.exportCertificate(certManager,
              getTemporaryCertificatePath());
        }

        trustManager = new CertificateManager(
            getTrustManagerPath(),
            CertificateManager.KEY_STORE_TYPE_JKS,
            sec.getKeystorePassword());
        trustManager.addCertificate(aliasInTrustStore,
            new File(getTemporaryCertificatePath()));
        createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword());
        f = new File(getTemporaryCertificatePath());
        f.delete();
        break;
      case JCEKS:
        certManager = new CertificateManager(
            sec.getKeystorePath(),
            CertificateManager.KEY_STORE_TYPE_JCEKS,
            sec.getKeystorePassword());
        if (aliasInKeyStore != null)
        {
          SetupUtils.exportCertificate(certManager, aliasInKeyStore,
              getTemporaryCertificatePath());
        }
        else
        {
          SetupUtils.exportCertificate(certManager,
              getTemporaryCertificatePath());
        }

        trustManager = new CertificateManager(
            getTrustManagerPath(),
            CertificateManager.KEY_STORE_TYPE_JCEKS,
            sec.getKeystorePassword());
        trustManager.addCertificate(aliasInTrustStore,
            new File(getTemporaryCertificatePath()));
        createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword());
        f = new File(getTemporaryCertificatePath());
        f.delete();
        break;
      case PKCS12:
        certManager = new CertificateManager(
            sec.getKeystorePath(),
            CertificateManager.KEY_STORE_TYPE_PKCS12,
            sec.getKeystorePassword());
        if (aliasInKeyStore != null)
        {
          SetupUtils.exportCertificate(certManager, aliasInKeyStore,
              getTemporaryCertificatePath());
        }
        else
        {
          SetupUtils.exportCertificate(certManager,
              getTemporaryCertificatePath());
        }

        trustManager = new CertificateManager(
            getTrustManagerPath(),
            CertificateManager.KEY_STORE_TYPE_JKS,
            sec.getKeystorePassword());
        trustManager.addCertificate(aliasInTrustStore,
            new File(getTemporaryCertificatePath()));
        createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword());
        f = new File(getTemporaryCertificatePath());
        f.delete();
        break;
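      case PKCS11:
        // The PKCS#11 key store is opened through the
        // CertificateManager.KEY_STORE_PATH_PKCS11 constant instead of
        // sec.getKeystorePath(), which the file-based types use.
        certManager = new CertificateManager(
            CertificateManager.KEY_STORE_PATH_PKCS11,
            CertificateManager.KEY_STORE_TYPE_PKCS11,
            sec.getKeystorePassword());
        // Export the server certificate to the temporary path: the named
        // alias when one was chosen, otherwise whatever the alias-less
        // overload of exportCertificate selects.
        if (aliasInKeyStore != null)
        {
          SetupUtils.exportCertificate(certManager, aliasInKeyStore,
              getTemporaryCertificatePath());
        }
        else
        {
          SetupUtils.exportCertificate(certManager,
              getTemporaryCertificatePath());
        }

        // Import the exported certificate into a JKS trust store.
        // NOTE(review): the trust store is protected with the same secret as
        // the PKCS#11 key store, and that secret is also written to the pin
        // file below. createProtectedFile presumably restricts the file's
        // permissions - confirm against its implementation.
        trustManager = new CertificateManager(
            getTrustManagerPath(),
            CertificateManager.KEY_STORE_TYPE_JKS,
            sec.getKeystorePassword());
        trustManager.addCertificate(aliasInTrustStore,
            new File(getTemporaryCertificatePath()));
        createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword());
        // Remove the exported certificate once it has been imported, as the
        // SELF_SIGNED_CERTIFICATE, JKS, JCEKS and PKCS12 cases do; without
        // this the temporary file was left on disk for PKCS11 only. The
        // result of delete() is ignored, matching those cases.
        f = new File(getTemporaryCertificatePath());
        f.delete();
        break;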
      default:
        throw new IllegalStateException("Unknown certificate type: "+certType);

      if (pathValid && pwdValid)
      {
        try
        {
          CertificateManager certManager;
          if (rbJKS.isSelected())
          {
            certManager = new CertificateManager(
                path,
                CertificateManager.KEY_STORE_TYPE_JKS,
                pwd);
          }
          else if (rbJCEKS.isSelected())
          {
            certManager = new CertificateManager(
                path,
                CertificateManager.KEY_STORE_TYPE_JCEKS,
                pwd);
          }
          else if (rbPKCS12.isSelected())
          {
            certManager = new CertificateManager(
                path,
                CertificateManager.KEY_STORE_TYPE_PKCS12,
                pwd);
          }
          else if (rbPKCS11.isSelected())
          {
            certManager = new CertificateManager(
                CertificateManager.KEY_STORE_PATH_PKCS11,
                CertificateManager.KEY_STORE_TYPE_PKCS11,
                pwd);
          }
          else
          {
            throw new IllegalStateException("No keystore type selected.");
          }
          aliases = certManager.getCertificateAliases();
          if ((aliases == null) || (aliases.length == 0))
          {
            // Could not retrieve any certificate
            if (rbPKCS11.isSelected())
            {
              errorMsgs.add(INFO_PKCS11_KEYSTORE_DOES_NOT_EXIST.get());
            }
            else
            {
              if (rbJKS.isSelected())
              {
                errorMsgs.add(INFO_JKS_KEYSTORE_DOES_NOT_EXIST.get());
              }
              else if (rbJCEKS.isSelected())
              {
                errorMsgs.add(INFO_JCEKS_KEYSTORE_DOES_NOT_EXIST.get());
              }
              else
              {
                errorMsgs.add(INFO_PKCS12_KEYSTORE_DOES_NOT_EXIST.get());
              }
              pathValid = false;
            }
          }
          else
          {
            certificateHasAlias = certManager.hasRealAliases();
          }
        }
        catch (KeyStoreException ke)
        {
          pwdValid = false;

      // Generate a password
      // NOTE(review): the generated value is wrapped in new String(...), so
      // the secret ends up in an immutable String that cannot be cleared
      // after use; it is then reused below for both the key store and the
      // trust store.
      String pwd = new String(SetupUtils.createSelfSignedCertificatePwd());

      // Generate a self-signed certificate
      CertificateManager certManager = new CertificateManager(
          getFullPath(fbKeyManagerConfig.getKeyStoreFile()), fbKeyManagerConfig
              .getKeyStoreType(), pwd);
      String hostName =
        SetupUtils.getHostNameForCertificate(DirectoryServer.getServerRoot());
      // The host name is escaped before it is concatenated into the subject
      // DN, so characters such as ',' or '+' in it cannot add or split RDNs.
      String subjectDN = "cn="
          + Rdn.escapeValue(hostName) + ",O="
          + FRIENDLY_NAME + " Self-Signed Certificate";
      certManager.generateSelfSignedCertificate(certAlias, subjectDN,
          ADMIN_CERT_VALIDITY);

      // Export the certificate
      // NOTE(review): the export is written to config/admin-cert.txt under
      // the path returned by getFullPath; its removal is not visible in this
      // excerpt - confirm the file is deleted once it has been imported.
      String tempCertPath = getFullPath("config" + File.separator
          + "admin-cert.txt");
      SetupUtils.exportCertificate(certManager, certAlias, tempCertPath);

      // Create a new trust store and import the server certificate
      // into it
      // The trust store is always JKS here and shares pwd with the key store.
      CertificateManager trustManager = new CertificateManager(truststorePath,
          CertificateManager.KEY_STORE_TYPE_JKS, pwd);
      trustManager.addCertificate(certAlias, new File(tempCertPath));

      // Generate a password file
      if (!new File(pinFilePath).exists())
      {
        FileWriter file = new FileWriter(pinFilePath);

    // Cleanup SSL if necessary
    SecurityOptions sec = getUserData().getSecurityOptions();
    if (sec.getEnableSSL() || sec.getEnableStartTLS()) {
      // Only the self-signed case is cleaned up here: the entry stored under
      // SELF_SIGNED_CERT_ALIAS is removed from the self-signed JKS key store.
      if (SecurityOptions.CertificateType.SELF_SIGNED_CERTIFICATE.equals(
              sec.getCertificateType())) {
        CertificateManager cm = new CertificateManager(
            getSelfSignedKeystorePath(),
            CertificateManager.KEY_STORE_TYPE_JKS,
            getSelfSignedCertificatePwd());
        try {
          cm.removeCertificate(SELF_SIGNED_CERT_ALIAS);
        } catch (KeyStoreException e) {
          // NOTE(review): a failed removal is logged at INFO and otherwise
          // ignored, so the certificate entry can remain in the key store
          // after cleanup without anything surfacing to the caller. Consider
          // a higher log level so the leftover is noticed.
          LOG.log(Level.INFO, "Error deleting self signed certification", e);
        }
      }
