summaryrefslogtreecommitdiff
path: root/BKUWebStart/src
diff options
context:
space:
mode:
authorAndreas Abraham <andreas.abraham@egiz.gv.at>2019-11-25 15:26:36 +0100
committerAndreas Abraham <andreas.abraham@egiz.gv.at>2019-11-25 15:26:36 +0100
commitb6ebce766ce41f73489588d0005f9a58ea07f3c9 (patch)
treea206a72b51a5cf5e4debb2a7419bee4a9c878d63 /BKUWebStart/src
parentc0bf5f1a6ae1bd0b9de263a5d5a27d10f24490ee (diff)
downloadmocca-b6ebce766ce41f73489588d0005f9a58ea07f3c9.tar.gz
mocca-b6ebce766ce41f73489588d0005f9a58ea07f3c9.tar.bz2
mocca-b6ebce766ce41f73489588d0005f9a58ea07f3c9.zip
mac os allows that TLS certs are only valid for 2 years
Diffstat (limited to 'BKUWebStart/src')
-rw-r--r--BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java19
1 files changed, 16 insertions, 3 deletions
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java
index 4b817ae1..379b9711 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java
@@ -56,7 +56,8 @@ import org.slf4j.LoggerFactory;
public class TLSServerCA {
public static final int CA_VALIDITY_Y = 3;
public static final String MOCCA_TLS_SERVER_ALIAS = "server";
- public static final int SERVER_VALIDITY_Y = 3;
+ public static final int SERVER_VALIDITY_Y = 3;
+ public static final int SERVER_VALIDITY_Y_MAC = 2;
private final static Logger log = LoggerFactory.getLogger(TLSServerCA.class);
private KeyPair caKeyPair;
@@ -139,14 +140,26 @@ public class TLSServerCA {
GregorianCalendar date = new GregorianCalendar();
date.add(Calendar.HOUR_OF_DAY, -1);
- serverCert.setValidNotBefore(date.getTime());
- date.add(Calendar.YEAR,SERVER_VALIDITY_Y);
+ serverCert.setValidNotBefore(date.getTime());
+ if (isMacOs()) {
+ date.add(Calendar.YEAR,SERVER_VALIDITY_Y_MAC);
+ } else {
+ date.add(Calendar.YEAR,SERVER_VALIDITY_Y);
+ }
date.add(Calendar.HOUR_OF_DAY, -1);
serverCert.setValidNotAfter(date.getTime());
serverCert.sign(AlgorithmID.sha256WithRSAEncryption, caKeyPair.getPrivate());
log.debug("successfully generated MOCCA TLS Server certificate " + serverCert.getSubjectDN());
caKeyPair = null;
+ }
+
+ private boolean isMacOs() {
+ String os = System.getProperty("os.name").toLowerCase();
+ if (os.contains("mac")) {
+ return true;
+ }
+ return false;
}
public KeyStore generateKeyStore(char[] password) throws GeneralSecurityException, IOException, CodingException {