• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Java CSRBuilder类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中org.shredzone.acme4j.util.CSRBuilder的典型用法代码示例。如果您正苦于以下问题:Java CSRBuilder类的具体用法?Java CSRBuilder怎么用?Java CSRBuilder使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



CSRBuilder类属于org.shredzone.acme4j.util包,在下文中一共展示了CSRBuilder类的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: doSetup

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
private void doSetup() {
	messages.add("starting up...", LOG);

	Registration reg = loadOrCreateRegistration();
	if (reg == null) {
		return;
	}

	CSRBuilder csrb = createCSR(reg);
	if (csrb == null) {
		return;
	}

	messages.add("requesting certificate", LOG);
	Certificate certificate;
	try {
		certificate = reg.requestCertificate(csrb.getEncoded());
	} catch (Exception e) {
		String message = "unable to request certificate";
		messages.add(message);
		LOG.error(message, e);
		return;
	}

	downloadCertificate(certificate);
}
 
开发者ID:dernasherbrezon,项目名称:r2cloud,代码行数:27,代码来源:AcmeClient.java


示例2: fetchCertificate

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
/**
 * Generates a certificate for the given domains. Also takes care for the registration
 * process.
 *
 * @param domains
 *            Domains to get a common certificate for
 */
public void fetchCertificate(Collection<String> domains) throws IOException, AcmeException {
    // Load the user key file. If there is no key file, create a new one.
    KeyPair userKeyPair = loadOrCreateUserKeyPair();

    // Create a session for Let's Encrypt.
    // Use "acme://letsencrypt.org" for production server
    Session session = new Session("acme://letsencrypt.org/staging", userKeyPair);

    // Get the Account.
    // If there is no account yet, create a new one.
    Account acct = findOrRegisterAccount(session);

    // Load or create a key pair for the domains. This should not be the userKeyPair!
    KeyPair domainKeyPair = loadOrCreateDomainKeyPair();

    // Order the certificate
    Order order = acct.newOrder().domains(domains).create();

    // Perform all required authorizations
    for (Authorization auth : order.getAuthorizations()) {
        authorize(auth);
    }

    // Generate a CSR for all of the domains, and sign it with the domain key pair.
    CSRBuilder csrb = new CSRBuilder();
    csrb.addDomains(domains);
    csrb.sign(domainKeyPair);

    // Write the CSR to a file, for later use.
    try (Writer out = new FileWriter(DOMAIN_CSR_FILE)) {
        csrb.write(out);
    }

    // Get the certificate
    order.execute(csrb.getEncoded());
    Certificate certificate = order.getCertificate();

    LOG.info("Success! The certificate for domains " + domains + " has been generated!");
    LOG.info("Certificate URL: " + certificate.getLocation());

    // Write a combined file containing the certificate and chain.
    try (FileWriter fw = new FileWriter(DOMAIN_CHAIN_FILE)) {
        certificate.writeCertificate(fw);
    }

    // That's all! Configure your web server to use the DOMAIN_KEY_FILE and
    // DOMAIN_CHAIN_FILE for the requested domans.
}
 
开发者ID:shred,项目名称:acme4j,代码行数:56,代码来源:ClientTest.java


示例3: orderCertificate

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
/**
 * Runs the complete process of ordering a certificate.
 *
 * @param domain
 *            Name of the domain to order a certificate for
 * @param validator
 *            {@link Validator} that finds and prepares a {@link Challenge} for domain
 *            validation
 */
private void orderCertificate(String domain, Validator validator) throws Exception {
    KeyPair keyPair = createKeyPair();
    Session session = new Session(pebbleURI(), keyPair);

    Account account = new AccountBuilder()
                .agreeToTermsOfService()
                .create(session);

    KeyPair domainKeyPair = createKeyPair();

    Instant notBefore = Instant.now().truncatedTo(ChronoUnit.MILLIS);
    Instant notAfter = notBefore.plus(Duration.ofDays(20L));

    Order order = account.newOrder()
                .domain(domain)
                .notBefore(notBefore)
                .notAfter(notAfter)
                .create();
    assertThat(order.getNotBefore(), is(notBefore));
    assertThat(order.getNotAfter(), is(notAfter));
    assertThat(order.getStatus(), is(Status.PENDING));

    for (Authorization auth : order.getAuthorizations()) {
        assertThat(auth.getDomain(), is(domain));
        assertThat(auth.getStatus(), is(Status.PENDING));

        Challenge challenge = validator.prepare(auth);
        challenge.trigger();

        await()
            .pollInterval(1, SECONDS)
            .timeout(30, SECONDS)
            .conditionEvaluationListener(cond -> updateAuth(auth))
            .until(auth::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));

        if (auth.getStatus() != Status.VALID) {
            fail("Authorization failed");
        }
    }

    CSRBuilder csr = new CSRBuilder();
    csr.addDomain(domain);
    csr.sign(domainKeyPair);
    byte[] encodedCsr = csr.getEncoded();

    order.execute(encodedCsr);

    await()
        .pollInterval(1, SECONDS)
        .timeout(30, SECONDS)
        .conditionEvaluationListener(cond -> updateOrder(order))
        .until(order::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));


    Certificate certificate = order.getCertificate();
    X509Certificate cert = certificate.getCertificate();
    assertThat(cert, not(nullValue()));
    assertThat(cert.getNotAfter(), not(nullValue()));
    assertThat(cert.getNotBefore(), not(nullValue()));
    assertThat(cert.getSubjectX500Principal().getName(), containsString("CN=" + domain));
}
 
开发者ID:shred,项目名称:acme4j,代码行数:71,代码来源:OrderIT.java


示例4: testDnsValidation

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
/**
 * Test if a wildcard certificate can be ordered via dns-01 challenge.
 */
@Test
public void testDnsValidation() throws Exception {
    BammBammClient client = getBammBammClient();
    KeyPair keyPair = createKeyPair();
    Session session = new Session(pebbleURI(), keyPair);

    Account account = new AccountBuilder()
                .agreeToTermsOfService()
                .create(session);

    KeyPair domainKeyPair = createKeyPair();

    Instant notBefore = Instant.now().truncatedTo(ChronoUnit.MILLIS);
    Instant notAfter = notBefore.plus(Duration.ofDays(20L));

    Order order = account.newOrder()
                .domain(TEST_WILDCARD_DOMAIN)
                .domain(TEST_DOMAIN)
                .notBefore(notBefore)
                .notAfter(notAfter)
                .create();
    assertThat(order.getNotBefore(), is(notBefore));
    assertThat(order.getNotAfter(), is(notAfter));
    assertThat(order.getStatus(), is(Status.PENDING));

    for (Authorization auth : order.getAuthorizations()) {
        assertThat(auth.getDomain(), is(TEST_DOMAIN));
        assertThat(auth.getStatus(), is(Status.PENDING));

        Dns01Challenge challenge = auth.findChallenge(Dns01Challenge.TYPE);
        assertThat(challenge, is(notNullValue()));

        String challengeDomainName = "_acme-challenge." + TEST_DOMAIN;

        client.dnsAddTxtRecord(challengeDomainName, challenge.getDigest());
        cleanup(() -> client.dnsRemoveTxtRecord(challengeDomainName));

        challenge.trigger();

        await()
            .pollInterval(1, SECONDS)
            .timeout(30, SECONDS)
            .conditionEvaluationListener(cond -> updateAuth(auth))
            .until(auth::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));

        if (auth.getStatus() != Status.VALID) {
            fail("Authorization failed");
        }
    }

    CSRBuilder csr = new CSRBuilder();
    csr.addDomain(TEST_DOMAIN);
    csr.addDomain(TEST_WILDCARD_DOMAIN);
    csr.sign(domainKeyPair);
    byte[] encodedCsr = csr.getEncoded();

    order.execute(encodedCsr);

    await()
        .pollInterval(1, SECONDS)
        .timeout(30, SECONDS)
        .conditionEvaluationListener(cond -> updateOrder(order))
        .until(order::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));


    Certificate certificate = order.getCertificate();
    X509Certificate cert = certificate.getCertificate();
    assertThat(cert, not(nullValue()));
    assertThat(cert.getNotAfter(), not(nullValue()));
    assertThat(cert.getNotBefore(), not(nullValue()));
    assertThat(cert.getSubjectX500Principal().getName(), containsString("CN=" + TEST_DOMAIN));

    List<String> san = cert.getSubjectAlternativeNames().stream()
            .filter(it -> ((Number) it.get(0)).intValue() == GeneralName.dNSName)
            .map(it -> (String) it.get(1))
            .collect(toList());
    assertThat(san, contains(TEST_DOMAIN, TEST_WILDCARD_DOMAIN));
}
 
开发者ID:shred,项目名称:acme4j,代码行数:82,代码来源:OrderWildcardIT.java


示例5: testHttpValidation

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
/**
 * Test if a certificate can be ordered via http-01 challenge.
 */
@Test
public void testHttpValidation() throws Exception {
    KeyPair keyPair = createKeyPair();
    Session session = new Session(boulderURI(), keyPair);

    Account account = new AccountBuilder()
                .agreeToTermsOfService()
                .create(session);

    KeyPair domainKeyPair = createKeyPair();

    Order order = account.newOrder().domain(TEST_DOMAIN).create();

    for (Authorization auth : order.getAuthorizations()) {
        TlsSni02Challenge challenge = auth.findChallenge(TlsSni02Challenge.TYPE);
        assertThat(challenge, is(notNullValue()));

        KeyPair challengeKeyPair = createKeyPair();
        X509Certificate challengeCert = CertificateUtils.createTlsSni02Certificate(challengeKeyPair, challenge.getSubject(), challenge.getSanB());

        client.tlsSniAddCertificate(challenge.getSubject(), challengeKeyPair.getPrivate(), challengeCert);

        challenge.trigger();

        await()
            .pollInterval(1, SECONDS)
            .timeout(30, SECONDS)
            .conditionEvaluationListener(cond -> updateAuth(auth))
            .until(auth::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));

        if (auth.getStatus() != Status.VALID) {
            fail("Authorization failed");
        }

        client.tlsSniRemoveCertificate(challenge.getSubject());
    }

    CSRBuilder csr = new CSRBuilder();
    csr.addDomain(TEST_DOMAIN);
    csr.sign(domainKeyPair);
    byte[] encodedCsr = csr.getEncoded();

    order.execute(encodedCsr);

    await()
        .pollInterval(1, SECONDS)
        .timeout(30, SECONDS)
        .conditionEvaluationListener(cond -> updateOrder(order))
        .until(order::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));

    Certificate certificate = order.getCertificate();
    X509Certificate cert = certificate.getCertificate();
    assertThat(cert, not(nullValue()));
    assertThat(cert.getNotAfter(), not(nullValue()));
    assertThat(cert.getNotBefore(), not(nullValue()));
    assertThat(cert.getSubjectX500Principal().getName(), containsString("CN=" + TEST_DOMAIN));
}
 
开发者ID:shred,项目名称:acme4j,代码行数:61,代码来源:OrderTlsSniIT.java


示例6: testHttpValidation

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
/**
 * Test if a certificate can be ordered via http-01 challenge.
 */
@Test
public void testHttpValidation() throws Exception {
    KeyPair keyPair = createKeyPair();
    Session session = new Session(boulderURI(), keyPair);

    Account account = new AccountBuilder()
                .agreeToTermsOfService()
                .create(session);

    KeyPair domainKeyPair = createKeyPair();

    Order order = account.newOrder().domain(TEST_DOMAIN).create();

    for (Authorization auth : order.getAuthorizations()) {
        Http01Challenge challenge = auth.findChallenge(Http01Challenge.TYPE);
        assertThat(challenge, is(notNullValue()));

        client.httpAddToken(challenge.getToken(), challenge.getAuthorization());

        challenge.trigger();

        await()
            .pollInterval(1, SECONDS)
            .timeout(30, SECONDS)
            .conditionEvaluationListener(cond -> updateAuth(auth))
            .until(auth::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));

        if (auth.getStatus() != Status.VALID) {
            fail("Authorization failed");
        }

        client.httpRemoveToken(challenge.getToken());
    }

    CSRBuilder csr = new CSRBuilder();
    csr.addDomain(TEST_DOMAIN);
    csr.sign(domainKeyPair);
    byte[] encodedCsr = csr.getEncoded();

    order.execute(encodedCsr);

    await()
        .pollInterval(1, SECONDS)
        .timeout(30, SECONDS)
        .conditionEvaluationListener(cond -> updateOrder(order))
        .until(order::getStatus, not(isOneOf(Status.PENDING, Status.PROCESSING)));

    Certificate certificate = order.getCertificate();
    X509Certificate cert = certificate.getCertificate();
    assertThat(cert, not(nullValue()));
    assertThat(cert.getNotAfter(), not(nullValue()));
    assertThat(cert.getNotBefore(), not(nullValue()));
    assertThat(cert.getSubjectX500Principal().getName(), containsString("CN=" + TEST_DOMAIN));
}
 
开发者ID:shred,项目名称:acme4j,代码行数:58,代码来源:OrderHttpIT.java


示例7: fetchCertificate

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
/**
 * Generates a certificate for the given domains. Also takes care for the registration
 * process.
 *
 * @param domain
 *            Domains to get a common certificate for
 */
private boolean fetchCertificate(String contact, String domain) throws IOException, AcmeException {
    // Load the user key file. If there is no key file, create a new one.
    // Keep this key pair in a safe place! In a production environment, you will not be
    // able to access your account again if you should lose the key pair.
    KeyPair userKeyPair = loadOrCreateKeyPair(USER_KEY_FILE);

    Session session = new Session(letsEncryptUrl, userKeyPair);

    // Get the Registration to the account.
    // If there is no account yet, create a new one.
    Registration reg = findOrRegisterAccount(session, contact);

    // Separately authorize every requested domain.
    authorize(reg, domain);

    // Load or create a key pair for the domains. This should not be the userKeyPair!
    KeyPair domainKeyPair = loadOrCreateKeyPair(DOMAIN_KEY_FILE);

    // Generate a CSR for all of the domains, and sign it with the domain key pair.
    CSRBuilder csrb = new CSRBuilder();
    csrb.addDomain(domain);
    csrb.setOrganization("Blynk Inc.");
    csrb.sign(domainKeyPair);

    // Write the CSR to a file, for later use.
    //try (Writer out = new FileWriter(DOMAIN_CSR_FILE)) {
    //    csrb.write(out);
    //}

    // Now request a signed certificate.
    Certificate certificate = reg.requestCertificate(csrb.getEncoded());

    // Download the leaf certificate and certificate chain.
    X509Certificate cert = certificate.download();
    X509Certificate[] chain = certificate.downloadChain();

    // Write a combined file containing the certificate and chain.
    try (FileWriter fw = new FileWriter(DOMAIN_CHAIN_FILE)) {
        CertificateUtils.writeX509CertificateChain(fw, cert, chain);
    }

    return true;
}
 
开发者ID:blynkkk,项目名称:blynk-server,代码行数:51,代码来源:AcmeClient.java


示例8: runInternal

import org.shredzone.acme4j.util.CSRBuilder; //导入依赖的package包/类
/**
 * Perform the renewal.
 *
 * @return The renewed certificate
 */
private CertificateModel runInternal() throws Exception {
    AcmeClient client = client();
    Registration registration = registration();

    client.newRegistration(registration);

    registration.setAgreement(registration.getAgreement());

    client.modifyRegistration(registration);

    for (String domain : endpoint.getDomains()) {
        doAuthorization(client, registration, domain);
    }

    CSRBuilder builder = new CSRBuilder();

    builder.addDomains(endpoint.getDomains());
    builder.sign(registration.getKeyPair());

    byte[] csr = builder.getEncoded();

    URI certUri = client.requestCertificate(registration, csr);
    X509Certificate cert = client.downloadCertificate(certUri);

    CertificateModel model = new CertificateModel();

    model.setKey(AbstractProvider.encodePrivateKey(registration.getKeyPair().getPrivate()));
    model.setCreated(new Date());
    model.setExpires(cert.getNotAfter());
    model.setCertificate(AbstractProvider.encodeCertificate(cert));

    return model;
}
 
开发者ID:jackprice,项目名称:gatekeeper,代码行数:39,代码来源:RenewRunnable.java



注:本文中的org.shredzone.acme4j.util.CSRBuilder类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java ModifyAclEntriesResponseProto类代码示例发布时间:2022-05-22
下一篇:
Java CacheFlagProto类代码示例发布时间:2022-05-22
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap