mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
blame | history | patch | commit | commitdiff | ignore whitespace
Yannick Lecaillez
01.59.2015 c9be76aa5748caa7e04fd35386eb08b5c40d968a 
 opendj-server-legacy/src/main/java/org/opends/server/admin/AdministrationConnector.java


@@ -63,6 +63,7 @@


import org.opends.server.types.FilePermission;


import org.opends.server.types.InitializationException;


import org.opends.server.util.CertificateManager;


import org.opends.server.util.Platform.KeyType;


import org.opends.server.util.SetupUtils;




/**


@@ -329,7 +330,7 @@




    /** {@inheritDoc} */


    @Override


    public String getSSLCertNickname()


    public SortedSet<String> getSSLCertNickname()


    {


      return config.getSSLCertNickname();


    }


@@ -456,7 +457,7 @@


      AdministrationConnectorCfg config = root.getAdministrationConnector();




      // Check if certificate generation is needed


      String certAlias = config.getSSLCertNickname();


      final SortedSet<String> certAliases = config.getSSLCertNickname();


      KeyManagerProviderCfg keyMgrConfig = root.getKeyManagerProvider(config


          .getKeyManagerProvider());


      TrustManagerProviderCfg trustMgrConfig = root


@@ -535,32 +536,39 @@


              .getKeyStoreType(), pwd);


      String hostName =


        SetupUtils.getHostNameForCertificate(DirectoryServer.getServerRoot());


      String subjectDN = "cn="


          + Rdn.escapeValue(hostName) + ",O="


          + FRIENDLY_NAME + " Self-Signed Certificate";


      certManager.generateSelfSignedCertificate(certAlias, subjectDN,


          ADMIN_CERT_VALIDITY);




      // Export the certificate


      // Temporary exported certificate's file


      String tempCertPath = getFullPath("config" + File.separator


          + "admin-cert.txt");


      SetupUtils.exportCertificate(certManager, certAlias, tempCertPath);




      // Create a new trust store and import the server certificate


      // into it


      CertificateManager trustManager = new CertificateManager(truststorePath,


          CertificateManager.KEY_STORE_TYPE_JKS, pwd);


      trustManager.addCertificate(certAlias, new File(tempCertPath));


      for (String certAlias : certAliases)


      {


        final KeyType keyType = KeyType.getTypeOrDefault(certAlias);


        final String subjectDN =


            "cn=" + Rdn.escapeValue(hostName) + ",O=" + FRIENDLY_NAME + " " + keyType + " Self-Signed Certificate";


        certManager.generateSelfSignedCertificate(keyType, certAlias, subjectDN, ADMIN_CERT_VALIDITY);




        SetupUtils.exportCertificate(certManager, certAlias, tempCertPath);




        // import the server certificate into it


        final File tempCertFile = new File(tempCertPath);


        trustManager.addCertificate(certAlias, tempCertFile);


        tempCertFile.delete();


      }




      // Generate a password file


      if (!new File(pinFilePath).exists())


      {


        FileWriter file = new FileWriter(pinFilePath);


        PrintWriter out = new PrintWriter(file);


        out.println(pwd);


        out.flush();


        out.close();


        file.close();


        try (final FileWriter file = new FileWriter(pinFilePath);


             final PrintWriter out = new PrintWriter(file))


        {


          out.println(pwd);


          out.flush();


        }


      }




      // Change the password file permission if possible


@@ -578,10 +586,6 @@


        // Log a warning that the permissions were not set.


        logger.warn(WARN_ADMIN_SET_PERMISSIONS_FAILED, pinFilePath);


      }




      // Delete the exported certificate


      File f = new File(tempCertPath);


      f.delete();


    }


    catch (InitializationException e)


    {