TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
tmf.init(aaaCertProvider.getTrustKeyStore());
- serverContext = SSLContext.getInstance(KeyStoreConstant.TLS_PROTOCOL);
+ serverContext = SSLContext.getInstance("TLS");
serverContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
} catch (final NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException
| KeyManagementException e) {
* @author mserngawy
*/
public final class KeyStoreConstant {
- private static final Logger LOG = LoggerFactory.getLogger(KeyStoreConstant.class);
-
- public static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
-
- public static final String BEGIN_CERTIFICATE_REQUEST = "-----BEGIN CERTIFICATE REQUEST-----";
- // Day time in millisecond
- public static final long DAY_TIME = 1000L * 60 * 60 * 24;
+ public static final String KEY_STORE_PATH = "configuration" + File.separator + "ssl" + File.separator;
public static final String DEFAULT_KEY_ALG = "RSA"; // DES
public static final int DEFAULT_KEY_SIZE = 2048; // 1024
public static final String DEFAULT_SIGN_ALG = "SHA1WithRSAEncryption"; // MD5WithRSAEncryption
-
public static final int DEFAULT_VALIDITY = 365;
- public static final String END_CERTIFICATE = "-----END CERTIFICATE-----";
- public static final String END_CERTIFICATE_REQUEST = "-----END CERTIFICATE REQUEST-----";
- public static final String TLS_PROTOCOL = "TLS";
- public static final String KEY_STORE_PATH = "configuration" + File.separator + "ssl" + File.separator;
+
+ static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
+ static final String END_CERTIFICATE = "-----END CERTIFICATE-----";
+ static final String BEGIN_CERTIFICATE_REQUEST = "-----BEGIN CERTIFICATE REQUEST-----";
+ static final String END_CERTIFICATE_REQUEST = "-----END CERTIFICATE REQUEST-----";
+
+ private static final Logger LOG = LoggerFactory.getLogger(KeyStoreConstant.class);
private KeyStoreConstant() {
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Date;
+import java.util.concurrent.TimeUnit;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
final X509v3CertificateBuilder x509V3CertBuilder =
new X509v3CertificateBuilder(new X500Name(distinguishedName), getSecureRandomeInt(),
new Date(currTime),
- new Date(currTime + KeyStoreConstant.DAY_TIME * validity),
+ new Date(currTime + TimeUnit.DAYS.toMillis(validity)),
new X500Name(distinguishedName), keyInfo);
final X509CertificateHolder x509Cert = x509V3CertBuilder
.build(new JcaContentSignerBuilder(signAlg).build(keyPair.getPrivate()));
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
-import org.opendaylight.aaa.cert.impl.KeyStoreConstant;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
private static SSLContext buildSSLContext() {
try {
- SSLContext sslContext = SSLContext.getInstance(KeyStoreConstant.TLS_PROTOCOL);
+ SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, InsecureTrustManager.INSTANCE, null);
return sslContext;
} catch (NoSuchAlgorithmException | KeyManagementException e) {
Code Review / aaa.git / commitdiff