@Override public CertificateInfo generate(List<String> hostnames, X509Certificate originalCertificate) { if (hostnames == null || hostnames.size() < 1) { throw new IllegalArgumentException("Cannot create X.509 certificate without server hostname"); } // take the first entry as the CN String commonName = hostnames.get(0); return new CertificateInfo() .commonName(commonName) .organization(DEFAULT_IMPERSONATED_CERT_ORG) .organizationalUnit(DEFAULT_IMPERSONATED_CERT_ORG_UNIT) .notBefore(getNotBefore()) .notAfter(getNotAfter()) .subjectAlternativeNames(hostnames); }
X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); if (certificateInfo.getCommonName() != null) { x500NameBuilder.addRDN(BCStyle.CN, certificateInfo.getCommonName()); if (certificateInfo.getOrganization() != null) { x500NameBuilder.addRDN(BCStyle.O, certificateInfo.getOrganization()); if (certificateInfo.getOrganizationalUnit() != null) { x500NameBuilder.addRDN(BCStyle.OU, certificateInfo.getOrganizationalUnit()); if (certificateInfo.getEmail() != null) { x500NameBuilder.addRDN(BCStyle.E, certificateInfo.getEmail()); if (certificateInfo.getLocality() != null) { x500NameBuilder.addRDN(BCStyle.L, certificateInfo.getLocality()); if (certificateInfo.getState() != null) { x500NameBuilder.addRDN(BCStyle.ST, certificateInfo.getState()); if (certificateInfo.getCountryCode() != null) { x500NameBuilder.addRDN(BCStyle.C, certificateInfo.getCountryCode());
String messageDigest) { if (certificateInfo.getCommonName() == null) { throw new IllegalArgumentException("Must specify CN for server certificate"); if (certificateInfo.getNotBefore() == null) { throw new IllegalArgumentException("Must specify Not Before for server certificate"); if (certificateInfo.getNotAfter() == null) { throw new IllegalArgumentException("Must specify Not After for server certificate"); certificateHolder = new JcaX509v3CertificateBuilder(caRootCertificate, serialNumber, certificateInfo.getNotBefore(), certificateInfo.getNotAfter(), serverCertificateSubject, serverKeyPair.getPublic()) .addExtension(Extension.subjectAlternativeName, false, getDomainNameSANsAsASN1Encodable(certificateInfo.getSubjectAlternativeNames())) .addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(serverKeyPair.getPublic())) .addExtension(Extension.basicConstraints, false, new BasicConstraints(false))
CertificateInfo certificateInfo = new CertificateInfo(); certificateInfo.countryCode("CN"); certificateInfo.organization("yangguo.info"); certificateInfo.email("yangguo@outlook.com"); certificateInfo.commonName("WAF Integration Certification Authority"); DateTime dateTime = new DateTime(); certificateInfo.notBefore(dateTime.minusDays(1).toDate()); certificateInfo.notAfter(dateTime.plusYears(1).toDate()); RootCertificateGenerator.Builder rootCertificateGeneratorBuilder = RootCertificateGenerator.builder(); rootCertificateGeneratorBuilder.certificateInfo(certificateInfo);
KeyPair keyPair, String messageDigest) { if (certificateInfo.getNotBefore() == null) { throw new IllegalArgumentException("Must specify Not Before for server certificate"); if (certificateInfo.getNotAfter() == null) { throw new IllegalArgumentException("Must specify Not After for server certificate"); issuer, serial, certificateInfo.getNotBefore(), certificateInfo.getNotAfter(), issuer, rootCertificatePublicKey)
log.debug("Impersonated certificate for {} in {}ms", certificateInfo.getCommonName(), impersonationFinish - impersonationStart);
KeyPair keyPair, String messageDigest) { if (certificateInfo.getNotBefore() == null) { throw new IllegalArgumentException("Must specify Not Before for server certificate"); if (certificateInfo.getNotAfter() == null) { throw new IllegalArgumentException("Must specify Not After for server certificate"); issuer, serial, certificateInfo.getNotBefore(), certificateInfo.getNotAfter(), issuer, rootCertificatePublicKey)
log.debug("Impersonated certificate for {} in {}ms", certificateInfo.getCommonName(), impersonationFinish - impersonationStart);
@Override public CertificateInfo generate(List<String> hostnames, X509Certificate originalCertificate) { if (hostnames == null || hostnames.size() < 1) { throw new IllegalArgumentException("Cannot create X.509 certificate without server hostname"); } // take the first entry as the CN String commonName = hostnames.get(0); return new CertificateInfo() .commonName(commonName) .organization(DEFAULT_IMPERSONATED_CERT_ORG) .organizationalUnit(DEFAULT_IMPERSONATED_CERT_ORG_UNIT) .notBefore(getNotBefore()) .notAfter(getNotAfter()) .subjectAlternativeNames(hostnames); }
X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); if (certificateInfo.getCommonName() != null) { x500NameBuilder.addRDN(BCStyle.CN, certificateInfo.getCommonName()); if (certificateInfo.getOrganization() != null) { x500NameBuilder.addRDN(BCStyle.O, certificateInfo.getOrganization()); if (certificateInfo.getOrganizationalUnit() != null) { x500NameBuilder.addRDN(BCStyle.OU, certificateInfo.getOrganizationalUnit()); if (certificateInfo.getEmail() != null) { x500NameBuilder.addRDN(BCStyle.E, certificateInfo.getEmail()); if (certificateInfo.getLocality() != null) { x500NameBuilder.addRDN(BCStyle.L, certificateInfo.getLocality()); if (certificateInfo.getState() != null) { x500NameBuilder.addRDN(BCStyle.ST, certificateInfo.getState()); if (certificateInfo.getCountryCode() != null) { x500NameBuilder.addRDN(BCStyle.C, certificateInfo.getCountryCode());
String messageDigest) { if (certificateInfo.getCommonName() == null) { throw new IllegalArgumentException("Must specify CN for server certificate"); if (certificateInfo.getNotBefore() == null) { throw new IllegalArgumentException("Must specify Not Before for server certificate"); if (certificateInfo.getNotAfter() == null) { throw new IllegalArgumentException("Must specify Not After for server certificate"); certificateHolder = new JcaX509v3CertificateBuilder(caRootCertificate, serialNumber, certificateInfo.getNotBefore(), certificateInfo.getNotAfter(), serverCertificateSubject, serverKeyPair.getPublic()) .addExtension(Extension.subjectAlternativeName, false, getDomainNameSANsAsASN1Encodable(certificateInfo.getSubjectAlternativeNames())) .addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(serverKeyPair.getPublic())) .addExtension(Extension.basicConstraints, false, new BasicConstraints(false))
KeyPair keyPair, String messageDigest) { if (certificateInfo.getNotBefore() == null) { throw new IllegalArgumentException("Must specify Not Before for server certificate"); if (certificateInfo.getNotAfter() == null) { throw new IllegalArgumentException("Must specify Not After for server certificate"); issuer, serial, certificateInfo.getNotBefore(), certificateInfo.getNotAfter(), issuer, rootCertificatePublicKey)
log.debug("Impersonated certificate for {} in {}ms", certificateInfo.getCommonName(), impersonationFinish - impersonationStart);
@Override public CertificateInfo generate(List<String> hostnames, X509Certificate originalCertificate) { if (hostnames == null || hostnames.size() < 1) { throw new IllegalArgumentException("Cannot create X.509 certificate without server hostname"); } // take the first entry as the CN String commonName = hostnames.get(0); return new CertificateInfo() .commonName(commonName) .organization(DEFAULT_IMPERSONATED_CERT_ORG) .organizationalUnit(DEFAULT_IMPERSONATED_CERT_ORG_UNIT) .notBefore(getNotBefore()) .notAfter(getNotAfter()) .subjectAlternativeNames(hostnames); }
X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); if (certificateInfo.getCommonName() != null) { x500NameBuilder.addRDN(BCStyle.CN, certificateInfo.getCommonName()); if (certificateInfo.getOrganization() != null) { x500NameBuilder.addRDN(BCStyle.O, certificateInfo.getOrganization()); if (certificateInfo.getOrganizationalUnit() != null) { x500NameBuilder.addRDN(BCStyle.OU, certificateInfo.getOrganizationalUnit()); if (certificateInfo.getEmail() != null) { x500NameBuilder.addRDN(BCStyle.E, certificateInfo.getEmail()); if (certificateInfo.getLocality() != null) { x500NameBuilder.addRDN(BCStyle.L, certificateInfo.getLocality()); if (certificateInfo.getState() != null) { x500NameBuilder.addRDN(BCStyle.ST, certificateInfo.getState()); if (certificateInfo.getCountryCode() != null) { x500NameBuilder.addRDN(BCStyle.C, certificateInfo.getCountryCode());
String messageDigest) { if (certificateInfo.getCommonName() == null) { throw new IllegalArgumentException("Must specify CN for server certificate"); if (certificateInfo.getNotBefore() == null) { throw new IllegalArgumentException("Must specify Not Before for server certificate"); if (certificateInfo.getNotAfter() == null) { throw new IllegalArgumentException("Must specify Not After for server certificate"); certificateHolder = new JcaX509v3CertificateBuilder(caRootCertificate, serialNumber, certificateInfo.getNotBefore(), certificateInfo.getNotAfter(), serverCertificateSubject, serverKeyPair.getPublic()) .addExtension(Extension.subjectAlternativeName, false, getDomainNameSANsAsASN1Encodable(certificateInfo.getSubjectAlternativeNames())) .addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(serverKeyPair.getPublic())) .addExtension(Extension.basicConstraints, false, new BasicConstraints(false))