/**
 * Builds a trust store from CA certificate material supplied inline or as a file path.
 *
 * <p>The PEM source is obtained from {@code getInputStreamFromDataOrFile} and is closed when
 * this method returns. Loading is delegated to the stream-based {@code createTrustStore}
 * overload, which receives the passphrase after it has gone through
 * {@code getTrustStorePassphrase}.
 *
 * @param caCertData CA certificate data, forwarded to {@code getInputStreamFromDataOrFile}
 * @param caCertFile CA certificate file path, forwarded to {@code getInputStreamFromDataOrFile}
 * @param trustStoreFile trust store location handed to the stream-based overload
 * @param trustStorePassphrase trust store passphrase, resolved by {@code getTrustStorePassphrase}
 * @return the trust store returned by the stream-based overload
 * @throws IOException if the certificate source cannot be read or closed
 * @throws CertificateException propagated from the stream-based overload
 * @throws KeyStoreException propagated from the stream-based overload
 * @throws NoSuchAlgorithmException propagated from the stream-based overload
 */
public static KeyStore createTrustStore(
    String caCertData, String caCertFile, String trustStoreFile, String trustStorePassphrase)
    throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
  // NOTE(review): the passphrase arrives as an immutable String, so it cannot be wiped
  // after use; callers should avoid logging it or keeping it longer than needed.
  try (InputStream caPem = getInputStreamFromDataOrFile(caCertData, caCertFile)) {
    return createTrustStore(
        caPem,
        trustStoreFile,
        getTrustStorePassphrase(trustStorePassphrase));
  }
}
/**
 * Selects the trust managers used to validate TLS peers.
 *
 * <p>Security: when {@code isTrustCerts} is {@code true} the returned manager has empty
 * {@code checkClientTrusted}/{@code checkServerTrusted} methods, so no certificate chain is
 * ever rejected. A connection built on it is encrypted but not authenticated, which leaves it
 * open to interception. The flag should stay off outside throwaway test environments, and
 * enabling it is worth an audit log entry at the call site.
 *
 * <p>Otherwise, if {@code certData} or {@code certFile} is non-empty, a trust store is built
 * from them; if both are empty the factory is initialised with {@code null}, which makes it
 * fall back to the JVM's default trust material.
 *
 * @param certData CA certificate data, forwarded to {@code createTrustStore}
 * @param certFile CA certificate file path, forwarded to {@code createTrustStore}
 * @param isTrustCerts {@code true} to disable certificate validation entirely
 * @param trustStoreFile trust store location, forwarded to {@code createTrustStore}
 * @param trustStorePassphrase trust store passphrase, forwarded to {@code createTrustStore}
 * @return the accept-all manager, or the managers produced by the default factory
 * @throws CertificateException propagated from {@code createTrustStore}
 * @throws NoSuchAlgorithmException if the default trust manager algorithm is unavailable
 * @throws KeyStoreException if the factory cannot be initialised with the store
 * @throws IOException propagated from {@code createTrustStore}
 */
public static TrustManager[] trustManagers(
    String certData,
    String certFile,
    boolean isTrustCerts,
    String trustStoreFile,
    String trustStorePassphrase)
    throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
  // The factory is created before the flag is examined, exactly as the original does, so an
  // unavailable algorithm is reported even on the accept-all path.
  TrustManagerFactory factory =
      TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

  if (isTrustCerts) {
    // Validation deliberately disabled: every chain passes, no issuer is advertised.
    X509TrustManager acceptAll = new X509TrustManager() {
      @Override
      public void checkClientTrusted(X509Certificate[] chain, String s) {
        // intentionally empty: never throws, so any client chain is accepted
      }

      @Override
      public void checkServerTrusted(X509Certificate[] chain, String s) {
        // intentionally empty: never throws, so any server chain is accepted
      }

      @Override
      public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
      }
    };
    return new TrustManager[] {acceptAll};
  }

  KeyStore caStore = null;
  boolean hasCaMaterial = Utils.isNotNullOrEmpty(certData) || Utils.isNotNullOrEmpty(certFile);
  if (hasCaMaterial) {
    caStore = createTrustStore(certData, certFile, trustStoreFile, trustStorePassphrase);
  }

  // A null store here means "use the platform default trust material".
  factory.init(caStore);
  return factory.getTrustManagers();
}
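/**
 * Asserts that the given trust store holds the fabric8 test certificate.
 *
 * <p>The entry is looked up under the alias {@code "fabric8-in-store"}, then compared against
 * a second store built from {@code src/test/resources/ssl/fabric8.crt}: the certificate found
 * in {@code trustStore} must resolve to an alias in that reference store.
 *
 * @param trustStore the store under test
 * @throws KeyStoreException if either store cannot be queried
 * @throws CertificateException propagated from {@code CertUtils.createTrustStore}
 * @throws NoSuchAlgorithmException propagated from {@code CertUtils.createTrustStore}
 * @throws IOException if the reference certificate cannot be read or closed
 */
private void verifyFabric8InStore(KeyStore trustStore)
    throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
  Certificate certificate = trustStore.getCertificate("fabric8-in-store");
  assertNotNull(certificate);

  // The reference stream was previously never closed; try-with-resources releases the
  // file handle even when building the reference store throws.
  KeyStore storeWithCert;
  try (InputStream certificateFile =
      CertUtils.getInputStreamFromDataOrFile(null, "src/test/resources/ssl/fabric8.crt")) {
    // Empty passphrase and no trust store file: the reference store is built from the PEM.
    storeWithCert = CertUtils.createTrustStore(certificateFile, null, "".toCharArray());
  }

  // getCertificateAlias returns null when the certificate is not present in the store.
  String certificateAlias = storeWithCert.getCertificateAlias(certificate);
  assertNotNull(certificateAlias);
}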
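/**
 * Checks that the trust store location and passphrase can be supplied through the
 * {@code CertUtils} system properties when the explicit arguments are {@code null}.
 *
 * <p>The two properties are JVM-wide state. They are put back to their previous values in a
 * {@code finally} block so that this test cannot change which trust store later tests in the
 * same JVM load.
 */
@Test
public void testLoadTrustStoreFromFileUsingSystemProperties()
    throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
  String previousStore = System.getProperty(CertUtils.TRUST_STORE_SYSTEM_PROPERTY);
  String previousPassword = System.getProperty(CertUtils.TRUST_STORE_PASSWORD_SYSTEM_PROPERTY);
  try {
    System.setProperty(CertUtils.TRUST_STORE_SYSTEM_PROPERTY, FABRIC8_STORE_PATH);
    System.setProperty(
        CertUtils.TRUST_STORE_PASSWORD_SYSTEM_PROPERTY, String.valueOf(FABRIC8_STORE_PASSPHRASE));

    // Both explicit trust store arguments are null; presumably CertUtils then reads the
    // system properties set above (confirm against CertUtils).
    KeyStore trustStore = CertUtils.createTrustStore(getMultipleCertsInputSteam(), null, null);

    assertEquals(3, trustStore.size());
    verifyFabric8InStore(trustStore);
  } finally {
    // Restore rather than blindly clear, in case the build itself set these properties.
    if (previousStore == null) {
      System.clearProperty(CertUtils.TRUST_STORE_SYSTEM_PROPERTY);
    } else {
      System.setProperty(CertUtils.TRUST_STORE_SYSTEM_PROPERTY, previousStore);
    }
    if (previousPassword == null) {
      System.clearProperty(CertUtils.TRUST_STORE_PASSWORD_SYSTEM_PROPERTY);
    } else {
      System.setProperty(CertUtils.TRUST_STORE_PASSWORD_SYSTEM_PROPERTY, previousPassword);
    }
  }
}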
/**
 * Checks that a PEM stream carrying several certificates yields at least two trust store
 * entries when no trust store file is given.
 */
@Test
public void testLoadingMultipleCertsFromSameFile()
    throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
  // "changeit" is a fixture passphrase used only by this test.
  char[] passphrase = "changeit".toCharArray();

  KeyStore loaded = CertUtils.createTrustStore(getMultipleCertsInputSteam(), null, passphrase);

  // Lower bound only: the exact count is not pinned by this test.
  int entryCount = loaded.size();
  assertTrue(entryCount >= 2);
}
/**
 * Checks that an explicitly supplied trust store file and passphrase are honoured: the
 * resulting store must hold three entries, one of them the fabric8 test certificate.
 */
@Test
public void testLoadTrustStoreFromFileUsingConfigProperties()
    throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
  // Store path and passphrase are passed as arguments here, not through system properties.
  KeyStore loaded =
      CertUtils.createTrustStore(
          getMultipleCertsInputSteam(), FABRIC8_STORE_PATH, FABRIC8_STORE_PASSPHRASE);

  int entryCount = loaded.size();
  assertEquals(3, entryCount);
  verifyFabric8InStore(loaded);
}
/**
 * Disabled manual check that trust and key stores can be built from a developer-local
 * kubeconfig.
 *
 * <p>NOTE(review): the test depends on {@code /tmp/ceposta.kubeconfig}, a path outside the
 * repository, and makes no assertions; it only passes or fails on exceptions.
 * NOTE(review): the {@code kubeconfig} system property is set and never restored, and the
 * client is never closed. Both should be addressed before the {@code @Ignore} is removed.
 */
@Ignore
@Test
public void testLoadingDodgyKubeConfig()
    throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException,
        InvalidKeySpecException {
  System.setProperty("kubeconfig", "/tmp/ceposta.kubeconfig");

  KubernetesClient kubernetesClient = new DefaultKubernetesClient();
  Config clientConfig = kubernetesClient.getConfiguration();

  // Trust store from the CA data in the loaded configuration; "changeit" is a fixture value.
  String caData = clientConfig.getCaCertData();
  KeyStore trust = CertUtils.createTrustStore(caData, null, null, "changeit");

  // Key store from the client certificate and RSA key in the same configuration.
  String clientCert = clientConfig.getClientCertData();
  String clientKey = clientConfig.getClientKeyData();
  KeyStore keys =
      CertUtils.createKeyStore(
          clientCert, null, clientKey, null, "RSA", "changeit", null, "changeit");
}
/**
 * Builds a trust store from CA certificate material supplied inline or as a file path.
 *
 * <p>The PEM source is obtained from {@code getInputStreamFromDataOrFile} and is closed when
 * this method returns; loading is delegated to the stream-based {@code createTrustStore}
 * overload.
 *
 * @param caCertData CA certificate data, forwarded to {@code getInputStreamFromDataOrFile}
 * @param caCertFile CA certificate file path, forwarded to {@code getInputStreamFromDataOrFile}
 * @return the trust store returned by the stream-based overload
 * @throws IOException if the certificate source cannot be read or closed
 * @throws CertificateException propagated from the stream-based overload
 * @throws KeyStoreException propagated from the stream-based overload
 * @throws NoSuchAlgorithmException propagated from the stream-based overload
 */
public static KeyStore createTrustStore(String caCertData, String caCertFile)
    throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
  try (InputStream caPem = getInputStreamFromDataOrFile(caCertData, caCertFile)) {
    KeyStore loaded = createTrustStore(caPem);
    return loaded;
  }
}
/**
 * Selects the trust managers used to validate TLS peers.
 *
 * <p>Security: when {@code isTrustCerts} is {@code true} the returned manager has empty
 * {@code checkClientTrusted}/{@code checkServerTrusted} methods, so no certificate chain is
 * ever rejected. A connection built on it is encrypted but not authenticated, which leaves it
 * open to interception. The flag should stay off outside throwaway test environments.
 *
 * <p>Otherwise, if {@code certData} or {@code certFile} is non-empty, a trust store is built
 * from them; if both are empty the factory is initialised with {@code null}, which makes it
 * fall back to the JVM's default trust material.
 *
 * @param certData CA certificate data, forwarded to {@code createTrustStore}
 * @param certFile CA certificate file path, forwarded to {@code createTrustStore}
 * @param isTrustCerts {@code true} to disable certificate validation entirely
 * @return the accept-all manager, or the managers produced by the default factory
 * @throws CertificateException propagated from {@code createTrustStore}
 * @throws NoSuchAlgorithmException if the default trust manager algorithm is unavailable
 * @throws KeyStoreException if the factory cannot be initialised with the store
 * @throws IOException propagated from {@code createTrustStore}
 */
public static TrustManager[] trustManagers(String certData, String certFile, boolean isTrustCerts)
    throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
  // Created before the flag is examined, as in the original, so an unavailable algorithm is
  // reported even on the accept-all path.
  TrustManagerFactory factory =
      TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());

  if (isTrustCerts) {
    // Validation deliberately disabled: every chain passes, no issuer is advertised.
    X509TrustManager acceptAll = new X509TrustManager() {
      @Override
      public void checkClientTrusted(X509Certificate[] chain, String s) {
        // intentionally empty: never throws, so any client chain is accepted
      }

      @Override
      public void checkServerTrusted(X509Certificate[] chain, String s) {
        // intentionally empty: never throws, so any server chain is accepted
      }

      @Override
      public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
      }
    };
    return new TrustManager[] {acceptAll};
  }

  KeyStore caStore = null;
  boolean hasCaMaterial = isNotNullOrEmpty(certData) || isNotNullOrEmpty(certFile);
  if (hasCaMaterial) {
    caStore = createTrustStore(certData, certFile);
  }

  // A null store here means "use the platform default trust material".
  factory.init(caStore);
  return factory.getTrustManagers();
}