/**
 * Builds a key manager around a single credential that authenticates the local side
 * (server or client) of a connection.
 *
 * <p>For a non-null credential this object keeps a reference to the credential's private key,
 * copies the entity certificate chain into a new array, and installs the fixed alias constants.
 * For a null credential every field is set to null.
 *
 * @param credential credential or null for manager returning always empty values
 */
public X509KeyManager(X509Credential credential) {
    final boolean hasCredential = credential != null;

    // The private key reference is held in this object from here on.
    this.privateKey = hasCredential ? credential.getPrivateKey() : null;

    // Copy the chain into an array sized to the chain. A non-null credential whose chain getter
    // returns null fails here with a NullPointerException.
    this.chain = hasCredential
            ? credential.getEntityCertificateChain().toArray(
                    new X509Certificate[credential.getEntityCertificateChain().size()])
            : null;

    // Alias values come from class constants, not from the credential.
    this.alias = hasCredential ? ALIAS_NAME : null;
    this.aliases = hasCredential ? ALIAS : null;
}
// Create an empty keystore of the platform default type; load(null, null) initialises it
// without reading any stream.
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(null, null);
for (X509Certificate c : trustCredential.getEntityCertificateChain()) {
    // Each certificate in the trust credential's chain becomes a trusted-certificate entry.
    // The alias is built from the serial number only; serial numbers are unique per issuer,
    // so two certificates from different issuers with the same serial would share an alias
    // and the later entry would replace the earlier one.
    keystore.setCertificateEntry("ldap_tls_trust_" + c.getSerialNumber(), c);
// NOTE(review): the excerpt appears to skip lines here; the loop's closing brace is not
// visible, and the statements below presumably belong to a separate keystore set-up (confirm
// against the full file). If this load(null, null) ran on the same instance after the entries
// above were added, it would re-initialise the store to empty.
keystore.load(null, null);
// Client-authentication entry: the connection credential's private key and certificate chain
// are stored under one fixed alias, protected by a hard-coded literal password.
keystore.setKeyEntry("ldap_tls_client_auth", connectionCredential.getPrivateKey(), "changeit"
        .toCharArray(), connectionCredential.getEntityCertificateChain()
        .toArray(new X509Certificate[0]));
// The key manager factory is given the same literal so it can recover the key entry. No
// store() call or keystore file is visible in this excerpt, so the literal appears to protect
// only an in-memory entry; if the keystore is ever persisted, the password should come from
// configuration instead of source.
kmf.init(keystore, "changeit".toCharArray());
/**
 * Adds the certificates from {@link X509Credential#getEntityCertificateChain()} to the X509Data
 * being built, one X509Certificate element per chain certificate.
 *
 * <p>Nothing is emitted when the {@code emitEntityCertificateChain} option is off or the
 * credential has no chain. Only certificates are read from the credential; this method does not
 * touch private key material. The {@code keyInfo} argument is not used by this implementation.
 *
 * @param keyInfo the KeyInfo that is being built
 * @param x509Data the X509Data that is being built
 * @param credential the Credential that is being processed
 * @throws SecurityException thrown if the certificate data can not be encoded from the Java certificate object
 */
protected void processEntityCertificateChain(KeyInfo keyInfo, X509Data x509Data, X509Credential credential)
        throws SecurityException {
    // Option check comes first so the credential is not queried when emission is disabled.
    if (!options.emitEntityCertificateChain) {
        return;
    }
    if (credential.getEntityCertificateChain() == null) {
        return;
    }

    for (java.security.cert.X509Certificate chainMember : credential.getEntityCertificateChain()) {
        try {
            // Encode the Java certificate as its XML counterpart, then append it.
            X509Certificate encoded = KeyInfoHelper.buildX509Certificate(chainMember);
            x509Data.getX509Certificates().add(encoded);
        } catch (CertificateEncodingException e) {
            // Fail the whole build and keep the cause for diagnosis.
            throw new SecurityException("Error generating X509Certificate element "
                    + "from a certificate in credential's certificate chain", e);
        }
    }
}
/**
 * Emits the credential's entity certificate chain, as returned by
 * {@link X509Credential#getEntityCertificateChain()}, into the X509Data under construction.
 *
 * <p>The chain is skipped entirely unless the {@code emitEntityCertificateChain} option is set
 * and the credential returns a non-null chain. Each certificate is converted to an XML
 * X509Certificate element and appended in iteration order. The {@code keyInfo} argument is not
 * read here.
 *
 * @param keyInfo the KeyInfo that is being built
 * @param x509Data the X509Data that is being built
 * @param credential the Credential that is being processed
 * @throws SecurityException thrown if the certificate data can not be encoded from the Java certificate object
 */
protected void processEntityCertificateChain(KeyInfo keyInfo, X509Data x509Data, X509Credential credential)
        throws SecurityException {
    // Short-circuit keeps the original order: the chain getter is consulted only when the
    // option is enabled.
    if (!options.emitEntityCertificateChain || credential.getEntityCertificateChain() == null) {
        return;
    }

    for (java.security.cert.X509Certificate sourceCert : credential.getEntityCertificateChain()) {
        try {
            X509Certificate xmlElement = KeyInfoHelper.buildX509Certificate(sourceCert);
            x509Data.getX509Certificates().add(xmlElement);
        } catch (CertificateEncodingException e) {
            // An unencodable certificate aborts processing; the original exception is chained.
            throw new SecurityException(
                    "Error generating X509Certificate element "
                            + "from a certificate in credential's certificate chain",
                    e);
        }
    }
}
List<Object> storeMaterial = new ArrayList<Object>(untrustedCredential.getEntityCertificateChain()); if (log.isTraceEnabled()) { for (X509Certificate cert : untrustedCredential.getEntityCertificateChain()) { log.trace(String.format("Added X509Certificate from entity cert chain to cert store " + "with subject name '%s' issued by '%s' with serial number '%s'",
List<Object> storeMaterial = new ArrayList<Object>(untrustedCredential.getEntityCertificateChain()); if (log.isTraceEnabled()) { for (X509Certificate cert : untrustedCredential.getEntityCertificateChain()) { log.trace(String.format("Added X509Certificate from entity cert chain to cert store " + "with subject name '%s' issued by '%s' with serial number '%s'",