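/**
 * Loads a key pair from the given file, or generates and stores a new one
 * when the file does not exist yet.
 * <p>
 * A newly created key file is narrowed to owner-only read/write access before
 * any key material is written to it.
 *
 * @param file
 *            file that holds, or will hold, the serialized key pair
 * @return the {@link KeyPair} read from, or generated and written to, {@code file}
 * @throws IOException
 *             if the file cannot be read or written
 */
private KeyPair loadOrCreateKeyPair(File file) throws IOException {
    if (file.exists()) {
        // NOTE(review): an existing key file is read as-is; its permissions are
        // neither checked nor tightened on this path.
        try (FileReader fr = new FileReader(file)) {
            return KeyPairUtils.readKeyPair(fr);
        }
    }

    KeyPair domainKeyPair = KeyPairUtils.createKeyPair(KEY_SIZE);
    try (FileWriter fw = new FileWriter(file)) {
        // FileWriter has just created (or truncated) the file with the process
        // default permissions, which are commonly readable by other local users.
        // Drop every read/write bit and re-grant them to the owner only while the
        // file is still empty. Best effort: the boolean results are deliberately
        // not checked, because some platforms cannot remove the read permission.
        file.setReadable(false, false);
        file.setWritable(false, false);
        file.setReadable(true, true);
        file.setWritable(true, true);
        KeyPairUtils.writeKeyPair(domainKeyPair, fw);
    }
    return domainKeyPair;
}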
// Build a certificate signing request for the single domain.
CSRBuilder csrb = new CSRBuilder();
csrb.addDomain(domain);
csrb.setOrganization("Blynk Inc.");
// The request must be signed before it can be encoded; domainKeyPair is the signing key.
csrb.sign(domainKeyPair);
// Hand the encoded request to the order.
order.execute(csrb.getEncoded());
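/**
 * Generates a new 2048-bit key pair and stores it in the given file.
 * <p>
 * The key file is narrowed to owner-only read/write access before any key
 * material is written to it.
 *
 * @param file
 *            file the serialized key pair is written to; an existing file is
 *            overwritten
 * @return the newly generated {@link KeyPair}
 * @throws IOException
 *             if the file cannot be written
 */
private KeyPair createKeyPair(File file) throws IOException {
    messages.add("creating keypair", LOG);
    KeyPair keyPair = KeyPairUtils.createKeyPair(2048);
    try (FileWriter fw = new FileWriter(file)) {
        // FileWriter has just created (or truncated) the file with the process
        // default permissions, which are commonly readable by other local users.
        // Drop every read/write bit and re-grant them to the owner only while the
        // file is still empty. Best effort: the boolean results are deliberately
        // not checked, because some platforms cannot remove the read permission.
        file.setReadable(false, false);
        file.setWritable(false, false);
        file.setReadable(true, true);
        file.setWritable(true, true);
        KeyPairUtils.writeKeyPair(keyPair, fw);
    }
    return keyPair;
}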
/**
 * Emits the signed certificate request as a PEM object of type
 * {@code CERTIFICATE REQUEST}.
 *
 * @param w
 *            {@link Writer} receiving the PEM text. It is closed once the
 *            request has been written. If the request has not been signed yet,
 *            the exception is raised before the writer is wrapped, so it is
 *            left open in that case.
 * @throws IllegalStateException
 *             if no CSR has been signed yet
 * @throws IOException
 *             if encoding or writing the request fails
 */
public void write(@WillClose Writer w) throws IOException {
    boolean unsigned = (csr == null);
    if (unsigned) {
        throw new IllegalStateException("sign CSR first");
    }

    try (PemWriter pemOut = new PemWriter(w)) {
        // Encode inside the try block so the writer is still closed when
        // encoding fails.
        PemObject request = new PemObject("CERTIFICATE REQUEST", getEncoded());
        pemOut.writeObject(request);
    }
}
csr = CertificateUtils.readCSR(fis).getEncoded(); } catch (Exception e) { LOG.error("unable to load csr. trying to create new", e); csr = csrb.getEncoded(); } catch (IOException e1) { LOG.error("unable to encode csr", e1); certificate = reg.requestCertificate(csrb.getEncoded()); } catch (Exception e1) { LOG.error("unable to renew certificate with new csr", e1);
/**
 * Emits the signed certificate request in PEM form to a byte stream, using
 * UTF-8 for the text encoding.
 *
 * @param out
 *            {@link OutputStream} receiving the PEM text; it is wrapped in a
 *            writer and passed to the {@code Writer} overload, which closes it
 *            after use
 * @throws IOException
 *             if encoding or writing the request fails
 */
public void write(@WillClose OutputStream out) throws IOException {
    OutputStreamWriter utf8Writer = new OutputStreamWriter(out, "utf-8");
    write(utf8Writer);
}
/**
 * Returns the key pair stored in the given file, delegating to
 * {@code createKeyPair(File)} when the file does not exist.
 *
 * @param file
 *            file that holds, or will hold, the serialized key pair
 * @return the loaded or newly created {@link KeyPair}
 * @throws IOException
 *             if the file cannot be read, or the new key pair cannot be stored
 */
private KeyPair loadOrCreateKeyPair(File file) throws IOException {
    if (!file.exists()) {
        return createKeyPair(file);
    }

    messages.add("loading keypair", LOG);
    // NOTE(review): the existing key file is read as-is; its permissions are
    // not checked here.
    try (FileReader keyReader = new FileReader(file)) {
        return KeyPairUtils.readKeyPair(keyReader);
    }
}
/**
 * Returns the PKCS#10 certification request in its encoded byte form.
 *
 * @return encoded bytes of the request obtained from {@code getCSR()}
 * @throws IOException
 *             if the request cannot be encoded
 */
public byte[] getEncoded() throws IOException {
    byte[] encodedRequest = getCSR().getEncoded();
    return encodedRequest;
}
/**
 * Builds the self-signed {@link X509Certificate} used to answer a
 * {@link TlsAlpn01Challenge} for a DNS name. The certificate is valid for
 * 7 days.
 * <p>
 * This overload only converts the subject into a DNS {@link Identifier} and
 * delegates to the {@code Identifier}-based variant.
 *
 * @param keypair
 *            A domain {@link KeyPair} to be used for the challenge
 * @param subject
 *            The subject (domain name) that is to be validated; must not be
 *            {@code null}
 * @param acmeValidation
 *            The value that is returned by
 *            {@link TlsAlpn01Challenge#getAcmeValidation()}
 * @return Created certificate
 * @throws NullPointerException
 *             if {@code subject} is {@code null}
 * @since 2.1
 * @deprecated Use {@link #createTlsAlpn01Certificate(KeyPair, Identifier, byte[])}
 *             and {@link Identifier#dns(String)}. If an {@link Authorization}
 *             instance is at hand, you can also use
 *             {@link Authorization#getIdentifier()}.
 */
@Deprecated
public static X509Certificate createTlsAlpn01Certificate(KeyPair keypair, String subject, byte[] acmeValidation)
        throws IOException {
    // requireNonNull hands back its argument, so the null check still runs
    // before the identifier is built.
    Identifier dnsIdentifier = Identifier.dns(Objects.requireNonNull(subject, "subject"));
    return createTlsAlpn01Certificate(keypair, dnsIdentifier, acmeValidation);
}
/**
 * Starts the renewal scheduler once; later calls are no-ops while an executor
 * is already set.
 * <p>
 * When SSL is enabled, the certificate in {@code domain-chain.crt} under
 * {@code basepath} is read and passed to {@code scheduleRenew}. If that file
 * cannot be read, the failure is only logged and no renewal is scheduled by
 * this call.
 */
public synchronized void start() {
    boolean alreadyStarted = (executor != null);
    if (alreadyStarted) {
        return;
    }

    // The executor is created even when SSL is disabled.
    executor = Executors.newScheduledThreadPool(1, new NamingThreadFactory("acme-client"));
    if (!isSSLEnabled()) {
        return;
    }

    File chainFile = new File(basepath, "domain-chain.crt");
    try (FileInputStream chainStream = new FileInputStream(chainFile)) {
        X509Certificate current = CertificateUtils.readX509Certificate(chainStream);
        scheduleRenew(current);
    } catch (IOException e) {
        // NOTE(review): nothing retries after this point, so an unreadable
        // chain file leaves the certificate without a scheduled renewal.
        LOG.error("unable to load certificate for renewal", e);
    }
}
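/**
 * Loads a domain key pair from {@value #DOMAIN_KEY_FILE}. If the file does not exist,
 * a new key pair is generated and saved.
 * <p>
 * A newly created key file is narrowed to owner-only read/write access before
 * any key material is written to it.
 *
 * @return Domain {@link KeyPair}.
 * @throws IOException
 *             if the key file cannot be read or written
 */
private KeyPair loadOrCreateDomainKeyPair() throws IOException {
    if (DOMAIN_KEY_FILE.exists()) {
        // NOTE(review): an existing key file is read as-is; its permissions are
        // neither checked nor tightened on this path.
        try (FileReader fr = new FileReader(DOMAIN_KEY_FILE)) {
            return KeyPairUtils.readKeyPair(fr);
        }
    }

    KeyPair domainKeyPair = KeyPairUtils.createKeyPair(KEY_SIZE);
    try (FileWriter fw = new FileWriter(DOMAIN_KEY_FILE)) {
        // FileWriter has just created (or truncated) the file with the process
        // default permissions, which are commonly readable by other local users.
        // Drop every read/write bit and re-grant them to the owner only while the
        // file is still empty. Best effort: the boolean results are deliberately
        // not checked, because some platforms cannot remove the read permission.
        DOMAIN_KEY_FILE.setReadable(false, false);
        DOMAIN_KEY_FILE.setWritable(false, false);
        DOMAIN_KEY_FILE.setReadable(true, true);
        DOMAIN_KEY_FILE.setWritable(true, true);
        KeyPairUtils.writeKeyPair(domainKeyPair, fw);
    }
    return domainKeyPair;
}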
/**
 * Generates a 2048-bit account key pair, saves its serialized form together
 * with the e-mail address under the plugin properties key, and redirects to
 * step 2 once the save has completed.
 *
 * @param email
 *            e-mail address stored alongside the key pair
 * @return a future that completes with the redirect to step 2, or a failed
 *         future when serializing the key pair raises an {@link IOException}
 */
public CompletableFuture<Redirect> postStartSslInstall(String email) {
    log.info("create key pair");
    KeyPair generated = KeyPairUtils.createKeyPair(2048);
    log.info("done creating key pair");

    try (StringWriter serialized = new StringWriter()) {
        KeyPairUtils.writeKeyPair(generated, serialized);
        log.info("done marshalling keypair to string");

        // NOTE(review): the stored string contains the account private key.
        // Whether the storage encrypts its values or restricts who can read
        // them is not visible here; confirm before relying on this for
        // production accounts.
        Map<String, String> toStore = new HashMap<>();
        toStore.put(InstallSslCertPlugin.ACCOUNT_KEYPAIR_KEY, serialized.toString());
        toStore.put(EMAIL, email);

        return this.storage
                .save(InstallSslCertPlugin.PLUGIN_PROPERTIES_KEY, toStore)
                .thenApply(ignored -> {
                    log.info("done saving, redirecting to step2");
                    return Actions.redirect(InstallSslCertRouteId.STEP2);
                });
    } catch (IOException e) {
        return CompletableFuture.failedFuture(e);
    }
}
/**
 * Emits the signed certificate request as a PEM object of type
 * {@code CERTIFICATE REQUEST}.
 *
 * @param w
 *            {@link Writer} receiving the PEM text. It is closed once the
 *            request has been written. If the request has not been signed yet,
 *            the exception is raised before the writer is wrapped, so it is
 *            left open in that case.
 * @throws IllegalStateException
 *             if no CSR has been signed yet
 * @throws IOException
 *             if encoding or writing the request fails
 */
public void write(@WillClose Writer w) throws IOException {
    boolean unsigned = (csr == null);
    if (unsigned) {
        throw new IllegalStateException("sign CSR first");
    }

    try (PemWriter pemOut = new PemWriter(w)) {
        // Encode inside the try block so the writer is still closed when
        // encoding fails.
        PemObject request = new PemObject("CERTIFICATE REQUEST", getEncoded());
        pemOut.writeObject(request);
    }
}
/**
 * Emits the signed certificate request in PEM form to a byte stream, using
 * UTF-8 for the text encoding.
 *
 * @param out
 *            {@link OutputStream} receiving the PEM text; it is wrapped in a
 *            writer and passed to the {@code Writer} overload, which closes it
 *            after use
 * @throws IOException
 *             if encoding or writing the request fails
 */
public void write(@WillClose OutputStream out) throws IOException {
    OutputStreamWriter utf8Writer = new OutputStreamWriter(out, "utf-8");
    write(utf8Writer);
}
/**
 * Restores the stored account key pair and e-mail address, opens the ACME
 * account with them, and continues with {@code saveUrlAndProcessOrder} for
 * the requested domain.
 *
 * @param props
 *            stored plugin properties; read for the account key pair and the
 *            e-mail address
 * @param request
 *            router request whose {@code domain} field names the domain
 * @param organization
 *            organization passed through to {@code saveUrlAndProcessOrder}
 * @return future produced by the account-opening and order-processing chain
 * @throws RuntimeException
 *             wrapping the {@link IOException} raised inside the try block,
 *             thrown synchronously rather than through the returned future
 */
private CompletableFuture<Redirect> process(Map<String, String> props, RouterRequest request, String organization) {
    log.info("read in properties from database");
    String domain = request.domain;
    String storedKeyPair = props.get(InstallSslCertPlugin.ACCOUNT_KEYPAIR_KEY);
    String email = props.get(EMAIL);

    try {
        // NOTE(review): if the key pair entry is missing, props.get returns
        // null and constructing the StringReader throws NullPointerException,
        // which this catch does not handle.
        StringReader keyText = new StringReader(storedKeyPair);
        KeyPair accountKeyPair = KeyPairUtils.readKeyPair(keyText);
        log.info("deserialized keypair");

        return acmeClient
                .openAccount(email, accountKeyPair)
                .thenCompose(accountUrl ->
                        saveUrlAndProcessOrder(accountUrl, accountKeyPair, email, domain, organization));
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}
/**
 * Returns the PKCS#10 certification request in its encoded byte form.
 *
 * @return encoded bytes of the request obtained from {@code getCSR()}
 * @throws IOException
 *             if the request cannot be encoded
 */
public byte[] getEncoded() throws IOException {
    byte[] encodedRequest = getCSR().getEncoded();
    return encodedRequest;
}
/**
 * Builds the self-signed {@link X509Certificate} used to answer a
 * {@link TlsAlpn01Challenge} for a DNS name. The certificate is valid for
 * 7 days.
 * <p>
 * This overload only converts the subject into a DNS {@link Identifier} and
 * delegates to the {@code Identifier}-based variant.
 *
 * @param keypair
 *            A domain {@link KeyPair} to be used for the challenge
 * @param subject
 *            The subject (domain name) that is to be validated; must not be
 *            {@code null}
 * @param acmeValidation
 *            The value that is returned by
 *            {@link TlsAlpn01Challenge#getAcmeValidation()}
 * @return Created certificate
 * @throws NullPointerException
 *             if {@code subject} is {@code null}
 * @since 2.1
 * @deprecated Use {@link #createTlsAlpn01Certificate(KeyPair, Identifier, byte[])}
 *             and {@link Identifier#dns(String)}. If an {@link Authorization}
 *             instance is at hand, you can also use
 *             {@link Authorization#getIdentifier()}.
 */
@Deprecated
public static X509Certificate createTlsAlpn01Certificate(KeyPair keypair, String subject, byte[] acmeValidation)
        throws IOException {
    // requireNonNull hands back its argument, so the null check still runs
    // before the identifier is built.
    Identifier dnsIdentifier = Identifier.dns(Objects.requireNonNull(subject, "subject"));
    return createTlsAlpn01Certificate(keypair, dnsIdentifier, acmeValidation);
}
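/**
 * Loads a key pair from the given file, or generates and stores a new one
 * when the file does not exist yet.
 * <p>
 * A newly created key file is narrowed to owner-only read/write access before
 * any key material is written to it.
 *
 * @param file
 *            file that holds, or will hold, the serialized key pair
 * @return the {@link KeyPair} read from, or generated and written to, {@code file}
 * @throws IOException
 *             if the file cannot be read or written
 */
private KeyPair loadOrCreateKeyPair(File file) throws IOException {
    if (file.exists()) {
        // NOTE(review): an existing key file is read as-is; its permissions are
        // neither checked nor tightened on this path.
        try (FileReader fr = new FileReader(file)) {
            return KeyPairUtils.readKeyPair(fr);
        }
    }

    KeyPair domainKeyPair = KeyPairUtils.createKeyPair(KEY_SIZE);
    try (FileWriter fw = new FileWriter(file)) {
        // FileWriter has just created (or truncated) the file with the process
        // default permissions, which are commonly readable by other local users.
        // Drop every read/write bit and re-grant them to the owner only while the
        // file is still empty. Best effort: the boolean results are deliberately
        // not checked, because some platforms cannot remove the read permission.
        file.setReadable(false, false);
        file.setWritable(false, false);
        file.setReadable(true, true);
        file.setWritable(true, true);
        KeyPairUtils.writeKeyPair(domainKeyPair, fw);
    }
    return domainKeyPair;
}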
/**
 * Runs the certificate setup sequence: obtain a registration, build the CSR,
 * request the certificate and download it.
 * <p>
 * The sequence stops silently when the registration or the CSR is
 * {@code null}. A failed certificate request is recorded in {@code messages},
 * logged, and also ends the sequence.
 */
private void doSetup() {
    messages.add("starting up...", LOG);

    Registration registration = loadOrCreateRegistration();
    if (registration == null) {
        return;
    }

    CSRBuilder signingRequest = createCSR(registration);
    if (signingRequest == null) {
        return;
    }

    messages.add("requesting certificate", LOG);
    Certificate issued;
    try {
        issued = registration.requestCertificate(signingRequest.getEncoded());
    } catch (Exception e) {
        // The user-visible message carries no exception detail; the cause is
        // only sent to the log.
        messages.add("unable to request certificate");
        LOG.error("unable to request certificate", e);
        return;
    }

    downloadCertificate(issued);
}
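/**
 * Loads a user key pair from {@value #USER_KEY_FILE}. If the file does not exist,
 * a new key pair is generated and saved.
 * <p>
 * Keep this key pair in a safe place! In a production environment, you will not be
 * able to access your account again if you should lose the key pair.
 * <p>
 * A newly created key file is narrowed to owner-only read/write access before
 * any key material is written to it.
 *
 * @return User's {@link KeyPair}.
 * @throws IOException
 *             if the key file cannot be read or written
 */
private KeyPair loadOrCreateUserKeyPair() throws IOException {
    if (USER_KEY_FILE.exists()) {
        // If there is a key file, read it.
        // NOTE(review): its permissions are neither checked nor tightened on
        // this path.
        try (FileReader fr = new FileReader(USER_KEY_FILE)) {
            return KeyPairUtils.readKeyPair(fr);
        }
    }

    // If there is none, create a new key pair and save it
    KeyPair userKeyPair = KeyPairUtils.createKeyPair(KEY_SIZE);
    try (FileWriter fw = new FileWriter(USER_KEY_FILE)) {
        // FileWriter has just created (or truncated) the file with the process
        // default permissions, which are commonly readable by other local users.
        // Drop every read/write bit and re-grant them to the owner only while the
        // file is still empty. Best effort: the boolean results are deliberately
        // not checked, because some platforms cannot remove the read permission.
        USER_KEY_FILE.setReadable(false, false);
        USER_KEY_FILE.setWritable(false, false);
        USER_KEY_FILE.setReadable(true, true);
        USER_KEY_FILE.setWritable(true, true);
        KeyPairUtils.writeKeyPair(userKeyPair, fw);
    }
    return userKeyPair;
}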