.setDn(dn) .setKeyAlgorithmName(keyAlgorithmName) .setKeySize(keySize) .build(); PKCS10CertificateSigningRequest.Builder csrBuilder = PKCS10CertificateSigningRequest.builder() .setCertificate(selfSignedX509CertificateAndSigningKey.getSelfSignedCertificate())
addExtension(subjectKeyIdentifierExtension);
.setDn(dn) .setKeyAlgorithmName(keyAlgorithmName) .setKeySize(keySize) .build(); PKCS10CertificateSigningRequest.Builder csrBuilder = PKCS10CertificateSigningRequest.builder() .setCertificate(selfSignedX509CertificateAndSigningKey.getSelfSignedCertificate())
.setDn(dn) .setKeyAlgorithmName(keyAlgorithmName) .setKeySize(keySize) .build(); PKCS10CertificateSigningRequest.Builder csrBuilder = PKCS10CertificateSigningRequest.builder() .setCertificate(selfSignedX509CertificateAndSigningKey.getSelfSignedCertificate())
Assert.checkNotNullParam("name", extensionName); Assert.checkNotNullParam("value", extensionValue); return addExtension(getX509CertificateExtension(critical, extensionName, extensionValue));
Assert.checkNotNullParam("name", extensionName); Assert.checkNotNullParam("value", extensionValue); return addExtension(getX509CertificateExtension(critical, extensionName, extensionValue));
.setDn(dn) .setKeyAlgorithmName(keyAlgorithmName) .setKeySize(keySize) .build(); PKCS10CertificateSigningRequest.Builder csrBuilder = PKCS10CertificateSigningRequest.builder() .setCertificate(selfSignedX509CertificateAndSigningKey.getSelfSignedCertificate())
Assert.checkNotNullParam("name", extensionName); Assert.checkNotNullParam("value", extensionValue); return addExtension(getX509CertificateExtension(critical, extensionName, extensionValue));
addExtension(subjectKeyIdentifierExtension);
.setKeySize(keySize) .setKeyAlgorithmName(keyAlgorithmName) .setDn(dn) .build(); privateKey = certificateAndSigningKey.getSigningKey(); certificate = certificateAndSigningKey.getSelfSignedCertificate();
addExtension(subjectKeyIdentifierExtension);
addExtension(subjectKeyIdentifierExtension);
certAndKeyBuilder.setDn(new X500Principal(distinguishedName)); if (algorithm != null) { certAndKeyBuilder.setKeyAlgorithmName(algorithm); certAndKeyBuilder.setSignatureAlgorithmName(signatureAlgorithm); certAndKeyBuilder.setKeySize(keySize); notBeforeDateTime = ZonedDateTime.now(); certAndKeyBuilder.setNotValidBefore(notBeforeDateTime); certAndKeyBuilder.setNotValidAfter(notBeforeDateTime.plusDays(validity)); if (extensions.isDefined()) { for (ModelNode extension : extensions.asList()) { String extensionName = NAME.resolveModelAttribute(context, extension).asString(); String extensionValue = VALUE.resolveModelAttribute(context, extension).asString(); certAndKeyBuilder.addExtension(critical, extensionName, extensionValue); SelfSignedX509CertificateAndSigningKey certAndKey = certAndKeyBuilder.build(); final PrivateKey privateKey = certAndKey.getSigningKey(); final X509Certificate[] certChain = new X509Certificate[1];
.setKeySize(keySize) .setKeyAlgorithmName(keyAlgorithmName) .setDn(dn) .build(); privateKey = certificateAndSigningKey.getSigningKey(); certificate = certificateAndSigningKey.getSelfSignedCertificate();
.setKeySize(keySize) .setKeyAlgorithmName(keyAlgorithmName) .setDn(dn) .build(); privateKey = certificateAndSigningKey.getSigningKey(); certificate = certificateAndSigningKey.getSelfSignedCertificate();
/** * Add or replace an X.509 certificate extension. If an extension with the same name already exists, it is replaced * and returned. See {@link SelfSignedX509CertificateAndSigningKey.Builder#addExtension(boolean, String, String)} * for the supported extension names and values. * * @param critical whether the extension should be marked as critical * @param extensionName the extension name (must not be {@code null}) * @param extensionValue the extension value, as a string (must not be {@code null}) * @return the existing extension or {@code null} if no other extension with the same OID existed or if an * error occurs while attempting to add the extension */ public X509CertificateExtension addOrReplaceExtension(boolean critical, String extensionName, String extensionValue) { Assert.checkNotNullParam("name", extensionName); return addOrReplaceExtension(getX509CertificateExtension(critical, extensionName, extensionValue)); }
/** * Change the key that is associated with the given ACME account. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @throws AcmeException if an error occurs while attempting to change the key that is associated with the given ACME account */ public void changeAccountKey(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); SelfSignedX509CertificateAndSigningKey newCertificateAndSigningKey = SelfSignedX509CertificateAndSigningKey.builder() .setKeySize(account.getKeySize()) .setKeyAlgorithmName(account.getKeyAlgorithmName()) .setDn(account.getDn()) .build(); changeAccountKey(account, staging, newCertificateAndSigningKey.getSelfSignedCertificate(), newCertificateAndSigningKey.getSigningKey()); }
/** * Add or replace an X.509 certificate extension. If an extension with the same name already exists, it is replaced * and returned. See {@link SelfSignedX509CertificateAndSigningKey.Builder#addExtension(boolean, String, String)} * for the supported extension names and values. * * @param critical whether the extension should be marked as critical * @param extensionName the extension name (must not be {@code null}) * @param extensionValue the extension value, as a string (must not be {@code null}) * @return the existing extension or {@code null} if no other extension with the same OID existed or if an * error occurs while attempting to add the extension */ public X509CertificateExtension addOrReplaceExtension(boolean critical, String extensionName, String extensionValue) { Assert.checkNotNullParam("name", extensionName); return addOrReplaceExtension(getX509CertificateExtension(critical, extensionName, extensionValue)); }
/** * Change the key that is associated with the given ACME account. * * @param account the ACME account information to use (must not be {@code null}) * @param staging whether or not the staging server URL should be used * @throws AcmeException if an error occurs while attempting to change the key that is associated with the given ACME account */ public void changeAccountKey(AcmeAccount account, boolean staging) throws AcmeException { Assert.checkNotNullParam("account", account); SelfSignedX509CertificateAndSigningKey newCertificateAndSigningKey = SelfSignedX509CertificateAndSigningKey.builder() .setKeySize(account.getKeySize()) .setKeyAlgorithmName(account.getKeyAlgorithmName()) .setDn(account.getDn()) .build(); changeAccountKey(account, staging, newCertificateAndSigningKey.getSelfSignedCertificate(), newCertificateAndSigningKey.getSigningKey()); }
/** * Add or replace an X.509 certificate extension. If an extension with the same name already exists, it is replaced * and returned. See {@link SelfSignedX509CertificateAndSigningKey.Builder#addExtension(boolean, String, String)} * for the supported extension names and values. * * @param critical whether the extension should be marked as critical * @param extensionName the extension name (must not be {@code null}) * @param extensionValue the extension value, as a string (must not be {@code null}) * @return the existing extension or {@code null} if no other extension with the same OID existed or if an * error occurs while attempting to add the extension */ public X509CertificateExtension addOrReplaceExtension(boolean critical, String extensionName, String extensionValue) { Assert.checkNotNullParam("name", extensionName); return addOrReplaceExtension(getX509CertificateExtension(critical, extensionName, extensionValue)); }