/** * We need a root CA as a file to add to the browser under which all certificates will be trusted. * * @throws Exception */ private void createRootCA() throws Exception { KeyPair _keyPair = newKeyPair(); rootCA = buildRootCert(Configuration.getRootCaName(), _keyPair); writePEMObject(rootCAPath, rootCA); writePEMObject(Configuration.getRootKeyPath(), _keyPair.getPrivate()); keystore.setKeyEntry( Configuration.getRootCaName(), _keyPair.getPrivate(), KEYSTORE_PASSWORD.toCharArray(), new X509Certificate[] {rootCA}); }
private X509Certificate buildRootCert(String domain, KeyPair _keyPair) throws Exception { X509v3CertificateBuilder certificateBuilder = createX509v3CertificateBuilder(domain, _keyPair); certificateBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true)); return createX509Certificate(certificateBuilder, _keyPair.getPrivate()); }
protected void generateKeyAndPutIntoKeyStore(final String domain) throws Exception { KeyPair keyPair = newKeyPair(); X509Certificate cert = buildSignedCert(domain, keyPair); addCertToKeystore(cert, keyPair.getPrivate(), domain); }