Example usage for java.security.cert CRLException printStackTrace

List of usage examples for java.security.cert CRLException printStackTrace

  1. HOME
  2. Java
  3. java
  4. java.security.cert.*
  5. CRLException
  6. printStackTrace

Introduction

In this page you can find the example usage for java.security.cert CRLException printStackTrace.

Prototype

public void printStackTrace()

Source Link

Document

Prints this throwable and its backtrace to the standard error stream.

Usage

From source file:net.maritimecloud.identityregistry.utils.CertificateUtil.java

/**
 * Creates a Certificate Revocation List (CRL) for the certificate serialnumbers given.
 * /*from ww w.  j a  va2 s .  com*/
 * @param revokedCerts  List of the serialnumbers that should be revoked.
 * @return a X509 certificate
 */
public X509CRL generateCRL(List<net.maritimecloud.identityregistry.model.database.Certificate> revokedCerts) {
    Date now = new Date();
    Calendar cal = Calendar.getInstance();
    cal.setTime(now);
    cal.add(Calendar.DATE, 7);
    X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(new X500Name(MCIDREG_CERT_X500_NAME), now);
    crlBuilder.setNextUpdate(new Date(now.getTime() + 24 * 60 * 60 * 1000 * 7)); // The next CRL is next week (dummy value)
    for (net.maritimecloud.identityregistry.model.database.Certificate cert : revokedCerts) {
        String certReason = cert.getRevokeReason().toLowerCase();
        int reason = getCRLReasonFromString(certReason);
        crlBuilder.addCRLEntry(cert.getSerialNumber(), cert.getRevokedAt(), reason);
    }
    //crlBuilder.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
    //crlBuilder.addExtension(X509Extensions.CRLNumber, false, new CRLNumber(BigInteger.valueOf(1)));

    PrivateKeyEntry keyEntry = getSigningCertEntry();

    JcaContentSignerBuilder signBuilder = new JcaContentSignerBuilder(SIGNER_ALGORITHM);
    signBuilder.setProvider(BC_PROVIDER_NAME);
    ContentSigner signer;
    try {
        signer = signBuilder.build(keyEntry.getPrivateKey());
    } catch (OperatorCreationException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
        return null;
    }

    X509CRLHolder cRLHolder = crlBuilder.build(signer);
    JcaX509CRLConverter converter = new JcaX509CRLConverter();
    converter.setProvider(BC_PROVIDER_NAME);
    X509CRL crl = null;
    try {
        crl = converter.getCRL(cRLHolder);
    } catch (CRLException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
    return crl;
}

From source file:net.maritimecloud.identityregistry.utils.CertificateUtil.java

/**
 * Creates a Certificate Revocation List (CRL) for the certificate serialnumbers given.
 *
 * @param revokedCerts  List of the serialnumbers that should be revoked.
 *///from   ww w  . ja  va  2 s.  co m
public void generateRootCACRL(String signName,
        List<net.maritimecloud.identityregistry.model.database.Certificate> revokedCerts,
        PrivateKeyEntry keyEntry, String outputCaCrlPath) {
    Date now = new Date();
    Calendar cal = Calendar.getInstance();
    cal.setTime(now);
    cal.add(Calendar.YEAR, 1);
    X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(new X500Name(signName), now);
    crlBuilder.setNextUpdate(cal.getTime()); // The next CRL is next year (dummy value)
    if (revokedCerts != null) {
        for (net.maritimecloud.identityregistry.model.database.Certificate cert : revokedCerts) {
            String certReason = cert.getRevokeReason().toLowerCase();
            int reason = getCRLReasonFromString(certReason);
            crlBuilder.addCRLEntry(cert.getSerialNumber(), cert.getRevokedAt(), reason);
        }
    }
    //crlBuilder.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
    //crlBuilder.addExtension(X509Extensions.CRLNumber, false, new CRLNumber(BigInteger.valueOf(1)));

    JcaContentSignerBuilder signBuilder = new JcaContentSignerBuilder(SIGNER_ALGORITHM);
    signBuilder.setProvider(BC_PROVIDER_NAME);
    ContentSigner signer;
    try {
        signer = signBuilder.build(keyEntry.getPrivateKey());
    } catch (OperatorCreationException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
        return;
    }

    X509CRLHolder cRLHolder = crlBuilder.build(signer);
    JcaX509CRLConverter converter = new JcaX509CRLConverter();
    converter.setProvider(BC_PROVIDER_NAME);
    X509CRL crl;
    try {
        crl = converter.getCRL(cRLHolder);
    } catch (CRLException e) {
        throw new RuntimeException(e.getMessage(), e);
    }
    String pemCrl;
    try {
        pemCrl = CertificateUtil.getPemFromEncoded("X509 CRL", crl.getEncoded());
    } catch (CRLException e) {
        log.warn("unable to generate RootCACRL", e);
        return;
    }
    try {
        BufferedWriter writer = new BufferedWriter(new FileWriter(outputCaCrlPath));
        writer.write(pemCrl);
        writer.close();
    } catch (IOException e) {
        e.printStackTrace();
    }
}