tsai
/
thingsboard
mirror of https://github.com/thingsboard/thingsboard.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Updated PEM credentials to the non-deprecated certificate API

pull/15663/head
Oleksandra Matviienko 1 month ago
parent
97dfd557cf
commit
d91ca7cce2
2 changed files with 10 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      rule-engine/rule-engine-components/src/main/java/org/thingsboard/rule/engine/credentials/CertPemCredentials.java
  2. 13
      rule-engine/rule-engine-components/src/test/java/org/thingsboard/rule/engine/credentials/CertPemCredentialsTest.java

5
rule-engine/rule-engine-components/src/main/java/org/thingsboard/rule/engine/credentials/CertPemCredentials.java
View File

@ -25,6 +25,7 @@ import org.thingsboard.server.common.data.StringUtils;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.security.auth.x500.X500Principal;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertPath;
@ -77,7 +78,7 @@ public class CertPemCredentials implements ClientCredentials {
KeyStore caKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
caKeyStore.load(null, null);
for (X509Certificate caCert : caCerts) {
caKeyStore.setCertificateEntry(CA_CERT_CERT_ALIAS_PREFIX + caCert.getSubjectDN().getName(), caCert);
caKeyStore.setCertificateEntry(CA_CERT_CERT_ALIAS_PREFIX + caCert.getSubjectX500Principal().getName(X500Principal.RFC1779), caCert);
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
@ -99,7 +100,7 @@ public class CertPemCredentials implements ClientCredentials {
keyStore.load(null);
List<X509Certificate> unique = certificates.stream().distinct().collect(Collectors.toList());
for (X509Certificate cert : unique) {
keyStore.setCertificateEntry(CERT_ALIAS_PREFIX + cert.getSubjectDN().getName(), cert);
keyStore.setCertificateEntry(CERT_ALIAS_PREFIX + cert.getSubjectX500Principal().getName(X500Principal.RFC1779), cert);
}
if (privateKey != null) {

13
rule-engine/rule-engine-components/src/test/java/org/thingsboard/rule/engine/credentials/CertPemCredentialsTest.java
View File

@ -23,6 +23,7 @@ import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
import org.thingsboard.common.util.SslUtil;
import javax.security.auth.x500.X500Principal;
import java.io.File;
import java.io.IOException;
import java.security.Key;
@ -49,13 +50,13 @@ public class CertPemCredentialsTest {
Assertions.assertEquals(4, x509Certificates.size());
Assertions.assertEquals("CN=*.thingsboard.cloud, O=\"ThingsBoard, Inc.\", ST=New York, C=US",
x509Certificates.get(0).getSubjectDN().getName());
x509Certificates.get(0).getSubjectX500Principal().getName(X500Principal.RFC1779));
Assertions.assertEquals("CN=Sectigo ECC Organization Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB",
x509Certificates.get(1).getSubjectDN().getName());
x509Certificates.get(1).getSubjectX500Principal().getName(X500Principal.RFC1779));
Assertions.assertEquals("CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
x509Certificates.get(2).getSubjectDN().getName());
x509Certificates.get(2).getSubjectX500Principal().getName(X500Principal.RFC1779));
Assertions.assertEquals("CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB",
x509Certificates.get(3).getSubjectDN().getName());
x509Certificates.get(3).getSubjectX500Principal().getName(X500Principal.RFC1779));
}
@Test
@ -66,7 +67,7 @@ public class CertPemCredentialsTest {
Assertions.assertEquals(1, x509Certificates.size());
Assertions.assertEquals("CN=*.thingsboard.cloud, O=\"ThingsBoard, Inc.\", ST=New York, C=US",
x509Certificates.get(0).getSubjectDN().getName());
x509Certificates.get(0).getSubjectX500Principal().getName(X500Principal.RFC1779));
}
@Test
@ -103,7 +104,7 @@ public class CertPemCredentialsTest {
List<X509Certificate> certs = SslUtil.readCertFile(certContent);
for (X509Certificate cert : certs) {
String alias = CERT_ALIAS_PREFIX + cert.getIssuerDN().getName();
String alias = CERT_ALIAS_PREFIX + cert.getIssuerX500Principal().getName(X500Principal.RFC1779);
Certificate certificate = keyStore.getCertificate(alias);
Assertions.assertNotNull(certificate);
Assertions.assertEquals(new String(cert.getEncoded()), new String(certificate.getEncoded()));

Write Preview
Loading…
Cancel
Save