private WebsiteCertificate createWebsiteCertificate(String... domainNames) { String commonName = domainNames[0]; AsymmetricKeys keys = RSACrypt.RSA_CRYPT.generateKeyPair(1024); RSACertificate rsaCertificate = new RSACertificate(keys).selfSign( // new CertificateDetails().setCommonName(commonName) // .addSanDns(domainNames) // .setStartDate(DateTools.parseDateOnly("2001-07-01")).setEndDate(DateTools.parseDateOnly("2001-08-01"))); WebsiteCertificate websiteCertificate = new WebsiteCertificate(); CertificateHelper.toWebsiteCertificate(null, rsaCertificate, websiteCertificate); websiteCertificate.setThumbprint(HashSha1.hashString(Joiner.on(',').join(domainNames))); return websiteCertificate; }
private WebsiteCertificate createWebsiteCertificate(String... domainNames) { String commonName = domainNames[0]; AsymmetricKeys keys = RSACrypt.RSA_CRYPT.generateKeyPair(1024); RSACertificate rsaCertificate = new RSACertificate(keys).selfSign( // new CertificateDetails().setCommonName(commonName) // .addSanDns(domainNames) // .setStartDate(DateTools.parseDateOnly("2001-07-01")).setEndDate(DateTools.parseDateOnly("2001-08-01"))); WebsiteCertificate websiteCertificate = new WebsiteCertificate(); CertificateHelper.toWebsiteCertificate(null, rsaCertificate, websiteCertificate); websiteCertificate.setThumbprint(HashSha1.hashString(Joiner.on(',').join(domainNames))); return websiteCertificate; }
@Override public void fillResource(CommonServicesContext servicesCtx, ChangesContext changesContext, Map<String, String> validFormValues, WebsiteCertificate resource) { String domain = validFormValues.get(FIELD_NAME_DOMAIN); boolean gen = resource.getInternalId() == null; // Not gen gen |= resource.getCertificate() == null; // Expired if (resource.getEnd() == null) { gen = true; } else { gen |= resource.getEnd().getTime() < System.currentTimeMillis(); } // Not the same domain Optional<String> currentDomainOptional = resource.getDomainNames().stream().findFirst(); if (currentDomainOptional.isPresent()) { gen |= !currentDomainOptional.get().equals(domain); } else { gen = true; } // Generate if needed if (gen) { AsymmetricKeys keys = RSACrypt.RSA_CRYPT.generateKeyPair(4096); RSACertificate rsaCertificate = new RSACertificate(keys).selfSign( // new CertificateDetails().setCommonName(domain) // .addSanDns(domain) // .setEndDate(DateTools.addDate(Calendar.MONTH, 1))); CertificateHelper.toWebsiteCertificate(null, rsaCertificate, resource); } }
@Override public void fillResource(CommonServicesContext servicesCtx, ChangesContext changesContext, Map<String, String> validFormValues, WebsiteCertificate resource) { String domain = validFormValues.get(FIELD_NAME_DOMAIN); boolean gen = resource.getInternalId() == null; // Not gen gen |= resource.getCertificate() == null; // Expired if (resource.getEnd() == null) { gen = true; } else { gen |= resource.getEnd().getTime() < System.currentTimeMillis(); } // Not the same domain Optional<String> currentDomainOptional = resource.getDomainNames().stream().findFirst(); if (currentDomainOptional.isPresent()) { gen |= !currentDomainOptional.get().equals(domain); } else { gen = true; } // Generate if needed if (gen) { AsymmetricKeys keys = RSACrypt.RSA_CRYPT.generateKeyPair(4096); RSACertificate rsaCertificate = new RSACertificate(keys).selfSign( // new CertificateDetails().setCommonName(domain) // .addSanDns(domain) // .setEndDate(DateTools.addDate(Calendar.MONTH, 1))); CertificateHelper.toWebsiteCertificate(null, rsaCertificate, resource); } }
new CertificateDetails().setCommonName(domain) // .addSanDns(domain) // .setEndDate(DateTools.addDate(Calendar.DAY_OF_YEAR, 1))); CertificateHelper.toWebsiteCertificate(null, rsaCertificate, resource);
@Override public void timerHandler(CommonServicesContext services, ChangesContext changes, TimerEventContext event) { IPResourceService resourceService = services.getResourceService(); // Check the certs that will expire in 1 week logger.info("Getting self-signed certificates that expire in 1 week"); List<WebsiteCertificate> certificatesToUpdate = resourceService.resourceFindAll( // resourceService.createResourceQuery(WebsiteCertificate.class) // .addEditorEquals(SelfSignedWebsiteCertificateEditor.EDITOR_NAME) // .propertyLesserAndEquals(WebsiteCertificate.PROPERTY_END, DateTools.addDate(Calendar.WEEK_OF_YEAR, 1) // )); // Update them logger.info("Got {} certificates to update", certificatesToUpdate.size()); for (WebsiteCertificate certificate : certificatesToUpdate) { logger.info("Updating certificate {}", certificate.getDomainNames()); try { RSACertificate currentRsaCertificate = CertificateHelper.toRSACertificate(certificate); AsymmetricKeys keys = currentRsaCertificate.getKeysForSigning(); RSACertificate rsaCertificate = new RSACertificate(keys).selfSign( // new CertificateDetails().setCommonName(currentRsaCertificate.getCommonName()) // .addSanDns(currentRsaCertificate.getCommonName()) // .setEndDate(DateTools.addDate(Calendar.MONTH, 1))); CertificateHelper.toWebsiteCertificate(null, rsaCertificate, certificate); changes.resourceUpdate(certificate.getInternalId(), certificate); } catch (Exception e) { logger.error("Problem updating self-signed certificate {}", certificate.getDomainNames(), e); services.getMessagingService().alertingError("Problem updating self-signed certificate " + certificate.getDomainNames(), e.getMessage()); } } }
@Override public void timerHandler(CommonServicesContext services, ChangesContext changes, TimerEventContext event) { IPResourceService resourceService = services.getResourceService(); // Check the certs that will expire in 1 week logger.info("Getting self-signed certificates that expire in 1 week"); List<WebsiteCertificate> certificatesToUpdate = resourceService.resourceFindAll( // resourceService.createResourceQuery(WebsiteCertificate.class) // .addEditorEquals(SelfSignedWebsiteCertificateEditor.EDITOR_NAME) // .propertyLesserAndEquals(WebsiteCertificate.PROPERTY_END, DateTools.addDate(Calendar.WEEK_OF_YEAR, 1) // )); // Update them logger.info("Got {} certificates to update", certificatesToUpdate.size()); for (WebsiteCertificate certificate : certificatesToUpdate) { logger.info("Updating certificate {}", certificate.getDomainNames()); try { RSACertificate currentRsaCertificate = CertificateHelper.toRSACertificate(certificate); AsymmetricKeys keys = currentRsaCertificate.getKeysForSigning(); RSACertificate rsaCertificate = new RSACertificate(keys).selfSign( // new CertificateDetails().setCommonName(currentRsaCertificate.getCommonName()) // .addSanDns(currentRsaCertificate.getCommonName()) // .setEndDate(DateTools.addDate(Calendar.MONTH, 1))); CertificateHelper.toWebsiteCertificate(null, rsaCertificate, certificate); changes.resourceUpdate(certificate.getInternalId(), certificate); } catch (Exception e) { logger.error("Problem updating self-signed certificate {}", certificate.getDomainNames(), e); services.getMessagingService().alertingError("Problem updating self-signed certificate " + certificate.getDomainNames(), e.getMessage()); } } }
rsaCert.selfSign(new CertificateDetails() // .setStartDate(DateTools.parseDateOnly("2001-01-01")) // .setEndDate(DateTools.parseDateOnly("2002-01-01")) // .addSanDns("m1.example.com", "m2.example.com") // ); rsaCert.selfSign(new CertificateDetails() // .setStartDate(DateTools.parseDateOnly("2001-01-01")) // .setEndDate(DateTools.parseDateOnly("2002-01-01")) // .addSanDns("m3.example.com", "m2.example.com") // );
rsaCert.selfSign(new CertificateDetails() // .setStartDate(DateTools.parseDateOnly("2001-01-01")) // .setEndDate(DateTools.parseDateOnly("2002-01-01")) // .addSanDns("m1.example.com", "m2.example.com") // ); rsaCert.selfSign(new CertificateDetails() // .setStartDate(DateTools.parseDateOnly("2001-01-01")) // .setEndDate(DateTools.parseDateOnly("2002-01-01")) // .addSanDns("m3.example.com", "m2.example.com") // );