Commit d722ac58 authored by OZGCloud's avatar OZGCloud

OZG-3322 build key store like in zufi

parent 3202951f
...@@ -8,7 +8,9 @@ import java.nio.file.Paths; ...@@ -8,7 +8,9 @@ import java.nio.file.Paths;
import java.security.KeyStore; import java.security.KeyStore;
import java.security.KeyStoreException; import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.enterprise.context.ApplicationScoped; import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Observes; import javax.enterprise.event.Observes;
...@@ -27,15 +29,44 @@ class MongodbCertificateLoader { ...@@ -27,15 +29,44 @@ class MongodbCertificateLoader {
void onStart(@Observes StartupEvent ev) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException { void onStart(@Observes StartupEvent ev) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException {
if(Files.exists(Paths.get(mongoDbCaCert))) { if(Files.exists(Paths.get(mongoDbCaCert))) {
buildKeyStore();
System.out.println("loading cert..."); System.out.println("loading cert...");
KeyStore keystore = KeyStore.getInstance("pkcs12"); // KeyStore keystore = KeyStore.getInstance("pkcs12");
keystore.load(loadCaCrt(), null); // keystore.load(loadCaCrt(), null);
System.out.println("cert loaded"); System.out.println("cert loaded");
} else { } else {
System.out.println("cert file does not exists"); System.out.println("cert file does not exists");
} }
} }
KeyStore buildKeyStore() {
try {
var trustStore = initKeyStore();
trustStore.setCertificateEntry("ca", generateCertificate());
return trustStore;
} catch (Exception e) {
throw new TechnicalException("Error building KeyStore", e);
}
}
KeyStore initKeyStore() {
try {
var trustStore = KeyStore.getInstance("pkcs12");
trustStore.load(null, null);
return trustStore;
} catch (Exception e) {
throw new TechnicalException("Error init KeyStore", e);
}
}
Certificate generateCertificate() {
try {
return CertificateFactory.getInstance("X.509").generateCertificate(loadCaCrt());
} catch (Exception e) {
throw new TechnicalException("Error generating Certificate", e);
}
}
InputStream loadCaCrt() { InputStream loadCaCrt() {
try { try {
return Files.newInputStream(Paths.get(mongoDbCaCert)); return Files.newInputStream(Paths.get(mongoDbCaCert));
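Review bot: In `onStart` the `KeyStore` returned by `buildKeyStore()` is discarded, so from the visible lines the CA certificate is parsed but never handed to anything that configures TLS trust for the MongoDB connection, and "cert loaded" is printed either way. Keep the result, e.g. `KeyStore trustStore = buildKeyStore();`, and pass it to the code that sets up the client's trust managers (not shown in this hunk); the two commented-out `keystore.load` lines can then be deleted. Separately, `generateCertificate()` never closes the stream it gets from `loadCaCrt()`; `try (var in = loadCaCrt()) { return CertificateFactory.getInstance("X.509").generateCertificate(in); }` would release it. Also note that `generateCertificate` reads a single certificate, so if the CA file is a bundle only one entry ends up under the `"ca"` alias. The body of `loadCaCrt` continues past the end of the hunk.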
......