public class CertificateCommand extends Object
Constructor and Description |
---|
CertificateCommand() |
Modifier and Type | Method and Description |
---|---|
static String |
configureDemoCert(String commonName)
Generates new signed certificate.
|
static String |
configureDemoCert(String commonName,
String[] subjectAltNames)
Generates new signed certificate.
|
static String |
configureDemoCertWithDN(String[] dn)
Generates new signed certificate.
|
static String |
configureDemoCertWithDN(String[] dn,
String[] subjectAltNames)
Generates new signed certificate.
|
protected static KeyStoreFile |
getKeyStoreFile() |
static void |
main(String[] args)
Pass in a string to use as the common name of the certificate to be generated.
|
public static void main(String[] args)
Arguments to this program are: (-cn <cn>|-dn <dn>) [-san <tag:name,tag:name,...>]
where:
<cn> represents a fully qualified common name (e.g. "<FQDN>", where <FQDN> could be something like cluster.yoyo.com)
<dn> represents a distinguished name as a comma-delimited string (e.g. "c=US, st=California, o=Yoyodyne, l=San Narciso, cn=<FQDN>")
<tag:name,tag:name,...> represents optional subject alternative names to be added to the generated certificate
(e.g. "DNS:<FQDN>,DNS:node1.<FQDN>,DNS:node2.<FQDN>"). The format for subject alternative names
is similar to the OpenSSL X509 configuration format. Supported tags are:
email - email subject
URI - uniformed resource identifier
RID - registered id
DNS - hostname
IP - ip address (V4 or V6)
dirName - directory name
args
- arguments to the certificate program (see above for description)public static String configureDemoCert(String commonName)
Postcondition is the server keystore is updated to include a private entry. The private entry has the new certificate chain that connects the server to the Demo CA. The matching private key is also stored in the entry.
commonName
- string to use as the common name in the new certificate.public static String configureDemoCert(String commonName, @Nullable String[] subjectAltNames)
Postcondition is the server keystore is updated to include a private entry. The private entry has the new certificate chain that connects the server to the Demo CA. The matching private key is also stored in the entry.
commonName
- string to use as the common name in the new certificate.subjectAltNames
- names in the form tag:name
(format similar to OpenSSL X509
configuration)public static String configureDemoCertWithDN(String[] dn)
CN
value for the common name.
Postcondition is the server keystore is updated to include a private entry. The private entry has the new certificate chain that connects the server to the Demo CA. The matching private key is also stored in the entry.
dn
- String params in the form attrKey=attrVal
composing a distinguished name.
e.g. configureDemoCertWithDN(new String[] {"cn=John Whorfin", "o=Yoyodyne", "l=San Narciso", "st=California", "c=US")}public static String configureDemoCertWithDN(String[] dn, @Nullable String[] subjectAltNames)
CN
value for the common name.
Postcondition is the server keystore is updated to include a private entry. The private entry has the new certificate chain that connects the server to the Demo CA. The matching private key is also stored in the entry.
dn
- String params in the form attrKey=attrVal
composing a distinguished name.
e.g. configureDemoCertWithDN(new String[] {"cn=John Whorfin", "o=Yoyodyne", "l=San Narciso", "st=California", "c=US"), null}subjectAltNames
- names in the form tag:name
(format similar to OpenSSL X509 configuration)protected static KeyStoreFile getKeyStoreFile()
This work is licensed under a Creative Commons Attribution 4.0 International License.