mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

coulbeck
07.05.2007 8f9356b1b67e70c4f37b6763f72db1d50b628f8a
On start-up create the self-signed certificate in the local ADS trust store if it does not exist. It will be needed by a stand-alone server instance to encrypt secret keys.
1 files modified
44 ■■■■■ changed files
opends/src/server/org/opends/server/backends/TrustStoreBackend.java 44 ●●●●●
opends/src/server/org/opends/server/backends/TrustStoreBackend.java
@@ -319,6 +319,9 @@
                                trustStoreType,
                                new String(trustStorePIN));
    // Generate a self-signed certificate, if there is none.
    generateInstanceCertificateIfAbsent();
    // Construct the trust store base entry.
    LinkedHashMap<ObjectClass,String> objectClasses =
         new LinkedHashMap<ObjectClass,String>(2);
@@ -353,7 +356,7 @@
                                opAttrs);
    // Define an empty sets for the supported controls and features.
    // Define empty sets for the supported controls and features.
    supportedControls = new HashSet<String>(0);
    supportedFeatures = new HashSet<String>(0);
@@ -1711,5 +1714,44 @@
    }
  }
  /**
   * Generates a self-signed certificate with well-known alias if there is none.
   * @throws InitializationException If an error occurs while interacting with
   *                                 the key store.
   */
  private void generateInstanceCertificateIfAbsent()
       throws InitializationException
  {
    String certAlias = ADS_CERTIFICATE_ALIAS;
    try
    {
      if (certificateManager.aliasInUse(certAlias))
      {
        return;
      }
    }
    catch (Exception e)
    {
      Message message = ERR_TRUSTSTORE_CANNOT_ADD_CERT.get(
           certAlias, trustStoreFile, getExceptionMessage(e));
      throw new InitializationException(message, e);
    }
    try
    {
      certificateManager.generateSelfSignedCertificate(
           certAlias,
           getADSCertificateSubjectDN(),
           getADSCertificateValidity());
    }
    catch (Exception e)
    {
      Message message = ERR_TRUSTSTORE_CANNOT_GENERATE_CERT.get(
           certAlias, trustStoreFile, getExceptionMessage(e));
      throw new InitializationException(message, e);
    }
  }
}
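Review bot: In `generateInstanceCertificateIfAbsent()` the early return on `certificateManager.aliasInUse(certAlias)` only establishes that some entry holds the alias; nothing visible here checks that it is a key entry with a private key or that its certificate is still within its validity period, so a stale or certificate-only entry under `ADS_CERTIFICATE_ALIAS` would be accepted silently and the problem would only surface later, when the certificate is needed to encrypt secret keys. Unless `aliasInUse` already covers this (its body is not shown), consider validating the existing entry before returning, or at least record the assumption with `// Presence of the alias is taken as proof of a usable instance key pair; entry type and expiry are not checked here.` Separately, the first `catch` reports a failed alias lookup with `ERR_TRUSTSTORE_CANNOT_ADD_CERT`, which appears to describe a different operation and may mislead whoever diagnoses a start-up failure; a lookup-specific message would be clearer. The call added in the first hunk (its enclosing method starts and ends outside the hunk) lets any keystore error here propagate as an `InitializationException`, so the Javadoc should say that the method may write to the trust store file and that a failure aborts backend initialization.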