author | tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2013-12-20 17:28:32 +0000 |
---|---|---|
committer | tkellner <tkellner@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2013-12-20 17:28:32 +0000 |
commit | 2a29339f0a02b0eac839f1a55ec6f9e2c34fbd46 (patch) | |
tree | 410ecd185a9ea5a11718269b9ad06a910e8422ff /BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java | |
parent | 14870b6b5cdb8e5b1a7197e51bb0cd1639c48b5a (diff) | |
Generate new CA Certificate when expired/not readable
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1270 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java')
-rw-r--r-- | BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java
index 551cf0af..db34198d 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java
@@ -43,6 +43,9 @@ import java.net.URI;
 import java.net.URL;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.X509Certificate;
 import java.util.Enumeration;
 import java.util.Iterator;
 import java.util.UUID;
@@ -134,6 +137,11 @@ public class Configurator {
 zipOS.close();
 updateConfig(configDir);
 }
+ if (caCertificateUpdateRequired()) {
+ log.info("Creating new CA certificate");
+ createKeyStore(configDir);
+ certRenewed = true;
+ }
 }
 } else {
 initConfig(configDir);
@@ -345,6 +353,30 @@ public class Configurator {
 return true;
 }
+ private static boolean caCertificateUpdateRequired() {
+ String configDir = System.getProperty("user.home") + '/' + CONFIG_DIR;
+ File keystoreFile = new File(configDir, KEYSTORE_FILE);
+ File passwdFile = new File(configDir, PASSWD_FILE);
+ String passwd;
+ try {
+ passwd = Container.readPassword(passwdFile);
+ } catch (IOException e) {
+ log.error("Error reading password file", e);
+ return true;
+ }
+ X509Certificate cert = (X509Certificate) Container.getCACertificate(keystoreFile, passwd.toCharArray());
+ try {
+ cert.checkValidity();
+ } catch (CertificateExpiredException e) {
+ log.warn("CA Certificate expired");
+ return true;
+ } catch (CertificateNotYetValidException e) {
+ log.error("CA Certificate not yet valid");
+ return true;
+ }
+ return false;
+ }
+
 protected static void backup(File dir, URI relativeTo, ZipOutputStream zip, boolean doDelete) throws IOException {
 if (dir.isDirectory()) {
 File[] subDirs = dir.listFiles(); |
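Review bot: In the hunk at `@@ -134,6 +137,11 @@`, the renewal check and the regeneration do not share a path: `caCertificateUpdateRequired()` rebuilds the directory from `user.home` and `CONFIG_DIR`, while `createKeyStore(configDir)` on the following line uses the caller's variable. If the two ever differ, the certificate that is validated is not the one that gets replaced. Passing the directory in, `if (caCertificateUpdateRequired(configDir)) {` with a matching parameter on the method, keeps both on one keystore. The type of `configDir` is declared outside the hunk, so the parameter type needs confirming, and the enclosing method starts and ends outside this hunk.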
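Review bot: In `caCertificateUpdateRequired()` (hunk at `@@ -345,6 +353,30 @@`), the value returned by `Container.getCACertificate(...)` is cast and handed straight to `cert.checkValidity()` with no null check. `Container` is not visible here, but the call sits outside any try block, so an unreadable keystore can only be reported as null or as an unchecked exception; in either case the "not readable" case from the commit title would end in an exception rather than a renewal. A guard such as `if (cert == null) { log.warn("CA certificate not readable"); return true; }` before the validity check covers the null case. Every `return true` here also leads to the CA key being replaced, including a failed password read and a not-yet-valid certificate, which a wrong system clock can produce. Logging the certificate's `getNotBefore()`/`getNotAfter()` on those paths would make such a replacement auditable.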