Example #1
0
  /**
   * Generate a self-signed certificate for the key with the given ID.
   *
   * @param keyId ID of the key
   * @param memberId client ID of the certificate owner
   * @param keyUsage specifies whether the certificate is for signing or authentication
   * @param commonName common name of the certificate
   * @param notBefore date the certificate becomes valid
   * @param notAfter date the certificate becomes invalid
   * @return byte content of the generated certificate
   * @throws Exception if any errors occur
   */
  public static byte[] generateSelfSignedCert(
      String keyId,
      ClientId memberId,
      KeyUsageInfo keyUsage,
      String commonName,
      Date notBefore,
      Date notAfter)
      throws Exception {
    LOG.trace("Generate self-signed cert for key '{}'", keyId);
    GenerateSelfSignedCertResponse response =
        execute(
            new GenerateSelfSignedCert(keyId, commonName, notBefore, notAfter, keyUsage, memberId));

    byte[] certificateBytes = response.getCertificateBytes();

    LOG.trace("Certificate with length of {} bytes generated", certificateBytes.length);

    return certificateBytes;
  }
Example #2
0
  /**
   * Create dummy public key certificate.
   *
   * @param keyId key id
   * @param cn common name
   * @throws Exception if an error occurs
   */
  @Command(description = "Create dummy public key certificate")
  public void dummyCert(
      @Param(name = "keyId", description = "Key ID") String keyId,
      @Param(name = "cn", description = "Common name") String cn)
      throws Exception {
    Calendar cal = GregorianCalendar.getInstance();
    cal.add(Calendar.YEAR, -1);
    Date notBefore = cal.getTime();
    cal.add(Calendar.YEAR, 2);
    Date notAfter = cal.getTime();

    ClientId memberId = ClientId.create("FOO", "BAR", "BAZ");

    GenerateSelfSignedCert request =
        new GenerateSelfSignedCert(keyId, cn, notBefore, notAfter, KeyUsageInfo.SIGNING, memberId);

    GenerateSelfSignedCertResponse response = SignerClient.execute(request);
    X509Certificate cert = readCertificate(response.getCertificateBytes());

    System.out.println("Certificate base64:");
    System.out.println(encodeBase64(cert.getEncoded()));
    bytesToFile(keyId + ".crt", cert.getEncoded());
    base64ToFile(keyId + ".crt.b64", cert.getEncoded());
  }