@Override public CommandResult execute(ParameterContainer parameters) { String username = parameters.get(ENTITY_NAME); String password = parameters.get(ENTITY_PASSWORD); String csr = parameters.get(CSR); String certf = parameters.get(DESTINATION_FILE); byte[] bytes; try { bytes = FileTools.readFiletoBuffer(csr); } catch (FileNotFoundException e) { log.error("File " + csr + " not found."); return CommandResult.FUNCTIONAL_FAILURE; } RequestMessage req = RequestMessageUtils.parseRequestMessage(bytes); if (req instanceof PKCS10RequestMessage) { PKCS10RequestMessage p10req = (PKCS10RequestMessage) req; p10req.setUsername(username); p10req.setPassword(password); } else { log.error("Input file '" + csr + "' is not a PKCS#10 request."); return CommandResult.FUNCTIONAL_FAILURE; } final SignSessionRemote signSession = EjbRemoteHelper.INSTANCE.getRemoteSession(SignSessionRemote.class); // Call signsession to create a certificate ResponseMessage resp; try { resp = signSession.createCertificate( getAuthenticationToken(), req, X509ResponseMessage.class, null); } catch (EjbcaException e) { log.error("Could not create certificate: " + e.getMessage()); return CommandResult.FUNCTIONAL_FAILURE; } catch (CesecoreException e) { log.error("Could not create certificate: " + e.getMessage()); return CommandResult.FUNCTIONAL_FAILURE; } catch (AuthorizationDeniedException ee) { log.error( "CLI user with username " + parameters.get(USERNAME_KEY) + " was not authorized to create a certificate."); return CommandResult.AUTHORIZATION_FAILURE; } catch (CertificateExtensionException e) { log.error("CSR specified extensions which were invalid: " + e.getMessage()); return CommandResult.FUNCTIONAL_FAILURE; } byte[] pembytes; try { pembytes = CertTools.getPemFromCertificateChain( Arrays.asList(((X509ResponseMessage) resp).getCertificate())); } catch (CertificateException e) { throw new IllegalStateException( "Newly created certificate could not be parsed. This should not happen.", e); } // Write the resulting cert to file try { FileOutputStream fos = new FileOutputStream(certf); fos.write(pembytes); fos.close(); } catch (IOException e) { log.error("Could not write to certificate file " + certf + ". " + e.getMessage()); return CommandResult.FUNCTIONAL_FAILURE; } log.info("PEM certificate written to file '" + certf + "'"); return CommandResult.SUCCESS; }