org.shredzone.acme4j.Order Java Examples

The following examples show how to use org.shredzone.acme4j.Order.
Example #1
Source File: GenerateCertificateCommand.java    From acme_client with MIT License
/**
 * Retrieves the certificate of {@code order}, writes it out and appends it to the list of
 * not-yet-expired certificates.
 *
 * <p>Failures are not propagated: any exception is logged and recorded in the
 * {@code error} flag.
 *
 * @param order the order whose certificate is obtained through {@code order.getCertificate()}
 */
private void generateCertificate(Order order){
    try {
        final List<Certificate> stored = getNotExpiredCertificates();
        // A null result is replaced by an empty list so the new certificate can still be added.
        final List<Certificate> certificates =
                (stored != null) ? stored : new LinkedList<Certificate>();

        final CertificateManager issued = new CertificateManager(order.getCertificate());
        certificates.add(issued.getCertificate());
        writeCertificate(issued, "");

        // Equivalent to `error = error || !writeCertificateList(...)`: the list is only
        // persisted while the error flag is still clear.
        // NOTE(review): if the flag was set earlier, the certificate above has been written
        // but the certificate list is not updated - confirm that this is intended.
        if (!error) {
            error = !writeCertificateList(certificates);
        }
    } catch (Exception e) {
        // Broad catch: every failure (ACME, I/O, runtime) ends up in the error flag.
        LOG.error("Cannot get certificate. Check if your domains of the certificate are verified", e);
        error = true;
    }
}
 
Example #2
Source File: CertificateCommand.java    From acme_client with MIT License
/**
 * Serializes the location URL of every order in {@code orderList} to JSON and writes the
 * result to {@code ORDER_FILE_PATH}.
 *
 * @param orderList orders whose {@code getLocation()} values are stored
 * @return {@code true} when the file was written, {@code false} when an
 *         {@link IOException} occurred (it is logged, not rethrown)
 */
boolean writeOrderList(List<Order> orderList) {
    try {
        final List<String> locations = new LinkedList<>();
        orderList.forEach(order -> locations.add(order.getLocation().toString()));

        // Only the order URLs are persisted; no key material is passed to the serializer here.
        IOManager.writeString(ORDER_FILE_PATH,
                getGson().toJson(locations, urlsListTokenType));
        return true;
    } catch (IOException e) {
        LOG.error("Cannot write order list to file: " + ORDER_FILE_PATH
                + "\n Please check permissions of the file.", e);
        return false;
    }
}
 
Example #3
Source File: DeactivateDomainsOrderCommand.java    From acme_client with MIT License
/**
 * Deactivates the authorizations of the not-expired orders for the selected domains and
 * hands the orders that were left untouched to {@code writeOrderList}.
 *
 * <p>When {@code retrieveDomainsFromParametersOrCSR()} returns {@code null}, every
 * authorization is selected. Authorizations whose deactivation throws an
 * {@link AcmeException} are reported under {@code "failed_authorizations"} in
 * {@code result}, and the {@code error} flag is set.
 */
@Override
public void commandExecution() {
    final List<Order> activeOrders = getNotExpiredOrders();
    if (activeOrders == null) {
        LOG.error("Cannot read file: " + ORDER_FILE_PATH);
        error = true;
        return;
    }

    final List<String> failedLocations = new LinkedList<>();
    final List<Order> remainingOrders = new LinkedList<>();
    final Set<String> selectedDomains = retrieveDomainsFromParametersOrCSR();

    // The error flag is checked right after the domain lookup, before any order is processed.
    if (error) {
        LOG.error("Domains retrieval failed");
        return;
    }

    for (Order order : activeOrders) {
        boolean touched = false;
        for (Authorization authorization : order.getAuthorizations()) {
            final String domain = getDomain(authorization);
            // Skip authorizations outside the selection; a null selection matches all.
            if (selectedDomains != null && !selectedDomains.contains(domain)) {
                continue;
            }
            try {
                if (!authorization.getStatus().equals(Status.DEACTIVATED)) {
                    authorization.deactivate();
                }
                touched = true;
            } catch (AcmeException e) {
                final String location = authorization.getLocation().toString();
                LOG.error("Cannot deactivate authorization: " + location, e);
                failedLocations.add(location);
            }
        }
        // An order is kept only if none of its authorizations was handled successfully.
        // NOTE(review): an order with one successful and one failed deactivation is dropped
        // from the list; the failed authorization then survives only in the
        // "failed_authorizations" output - confirm that callers act on it.
        if (!touched) {
            remainingOrders.add(order);
        }
    }

    // Same short-circuit as `error = error || !writeOrderList(...)`.
    if (!error) {
        error = !writeOrderList(remainingOrders);
    }

    if (!failedLocations.isEmpty()) {
        result.add("failed_authorizations",
                getGson().toJsonTree(failedLocations, new TypeToken<List<String>>() {
                }.getType()));
        error = true;
    }
}
 
Example #4
Source File: AcmeClient.java    From blynk-server with GNU General Public License v3.0
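/**
 * Obtains a certificate for a single domain from the ACME server at {@code letsEncryptUrl}
 * and writes it to {@code DOMAIN_CHAIN_FILE}. Also takes care of the account registration.
 *
 * <p>The order is polled up to {@code ATTEMPTS} times, sleeping {@code WAIT_MILLIS}
 * between polls. If no certificate is available afterwards, nothing is written and the
 * failure is logged.
 *
 * @param contact
 *            e-mail address added to the ACME account
 * @param domain
 *            domain to order the certificate for
 * @throws IOException
 *             declared by this method; the key-pair loading and the certificate write
 *             are file operations
 * @throws AcmeException
 *             if the order reaches {@code Status.INVALID} while being polled, or if a
 *             call into the ACME client fails
 */
private void fetchCertificate(String contact, String domain) throws IOException, AcmeException {
    // Load the user key file. If there is no key file, create a new one.
    // Keep this key pair in a safe place! In a production environment, you will not be
    // able to access your account again if you should lose the key pair.
    // NOTE(review): the permissions of the key files are decided inside
    // loadOrCreateKeyPair, which is not shown here - verify they are owner-only.
    KeyPair userKeyPair = loadOrCreateKeyPair(USER_KEY_FILE);

    Session session = new Session(letsEncryptUrl);

    // Get the Account.
    // If there is no account yet, create a new one.
    Account account = new AccountBuilder()
            .agreeToTermsOfService()
            .useKeyPair(userKeyPair)
            .addEmail(contact)
            .create(session);
    // NOTE(review): this is logged on every call, also when the key pair was loaded from
    // an existing file - confirm whether "new user" is accurate in that case.
    log.info("Registered a new user, URL: {}", account.getLocation());

    // Load or create a key pair for the domains. This should not be the userKeyPair!
    KeyPair domainKeyPair = loadOrCreateKeyPair(DOMAIN_KEY_FILE);

    // Create the order for the domain
    Order order = account.newOrder().domain(domain).create();

    // Perform all required authorizations
    for (Authorization auth : order.getAuthorizations()) {
        authorize(auth);
    }

    // Generate a CSR for the domain, and sign it with the domain key pair.
    CSRBuilder csrb = new CSRBuilder();
    csrb.addDomain(domain);
    csrb.setOrganization("Blynk Inc.");
    csrb.sign(domainKeyPair);

    // Submit the CSR to finalize the order
    order.execute(csrb.getEncoded());

    // Wait for the order to complete
    try {
        int attempts = ATTEMPTS;
        while (order.getStatus() != Status.VALID && attempts-- > 0) {
            if (order.getStatus() == Status.INVALID) {
                throw new AcmeException("Order failed... Giving up.");
            }
            Thread.sleep(WAIT_MILLIS);
            order.update();
        }
    } catch (InterruptedException ex) {
        log.error("interrupted", ex);
        // Restore the interrupt status so callers further up can still observe it.
        Thread.currentThread().interrupt();
    }

    Certificate certificate = order.getCertificate();

    if (certificate != null) {
        // NOTE(review): FileWriter truncates the existing chain file before writing; a
        // failure part-way through leaves a partial file. Consider writing to a temporary
        // file and moving it into place.
        try (FileWriter fw = new FileWriter(DOMAIN_CHAIN_FILE)) {
            certificate.writeCertificate(fw);
        }
        log.info("Overriding certificate. Expiration date is : {}", certificate.getCertificate().getNotAfter());
    } else {
        // Polling ended (attempts exhausted or interrupted) without a certificate. Log it
        // so that a missed issuance or renewal is not mistaken for success.
        log.error("No certificate was issued for {}. Order status: {}", domain, order.getStatus());
    }
}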