File | Doc | Category | Size | Date | Package
JKStoJKSConversionModule.java | API Doc | Glassfish v2 API | 15617 | Fri May 04 22:35:02 BST 2007 | com.sun.enterprise.tools.upgrade.certconversion

JKStoJKSConversionModule

public class JKStoJKSConversionModule extends Object implements BaseModule
author : Servesh Singh

Fields Summary
private static Logger
_logger
private com.sun.enterprise.util.i18n.StringManager
sm
private String
jksPath
private String
sourceJksPath
private String
trustJksPath
private String
sourceTrustJksPath
private String
jksKeyStorePassword
private String
jksCAkeyStorePassword
private boolean
certificateError
private CommonInfoModel
commonInfo
Constructors Summary
/**
 * Creates the module and obtains the {@code StringManager} that every log call in this
 * class uses to resolve its message keys.
 */
public JKStoJKSConversionModule()

    
     
        // Message bundle registered under the certificate-conversion logger name.
        sm = StringManager.getManager(LogService.UPGRADE_CERTCONVERSION_LOGGER);
    
Methods Summary
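/**
 * Copies every alias of the trust store at {@code sourceTrustJksPath} into a newly created
 * key store and writes that store to {@code targetTrustJksPath}.
 *
 * <p>Both stores use {@code KeyStore.getDefaultType()} and are opened and saved with the
 * {@code jksCAkeyStorePassword} field. The target file is overwritten.
 *
 * @param sourceTrustJksPath path of the trust store to read
 * @param targetTrustJksPath path of the trust store to write
 * @throws CertificateException if loading, copying or storing fails for any reason; the
 *         underlying exception is logged at WARNING before this one is thrown
 */
private voidcopyCACertificates(java.lang.String sourceTrustJksPath, java.lang.String targetTrustJksPath)

        FileInputStream in = null;
        FileOutputStream out = null;
        try {
            char[] storePassword = jksCAkeyStorePassword.toCharArray();
            KeyStore keystoreSource = KeyStore.getInstance(KeyStore.getDefaultType());
            KeyStore keystoreTarget = KeyStore.getInstance(KeyStore.getDefaultType());
            in = new FileInputStream(new File(sourceTrustJksPath));
            keystoreSource.load(in, storePassword);
            // Loading from a null stream initializes an empty key store.
            keystoreTarget.load(null, storePassword);
            java.util.Enumeration en = keystoreSource.aliases();
            while (en.hasMoreElements()) {
                String alias = (String) en.nextElement();
                // NOTE(review): KeyStore.getCertificate() also answers for a private-key alias
                // (it returns the first certificate of that entry's chain), so such an alias
                // in the source ends up as a trusted certificate entry in the target. Add a
                // KeyStore.isCertificateEntry(alias) check if only trust anchors should be
                // carried over.
                java.security.cert.Certificate cert = keystoreSource.getCertificate(alias);
                keystoreTarget.setCertificateEntry(alias, cert);
                _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.ca_transferred",alias));
            }
            // Opening the stream truncates the target, so a failure inside store() leaves an
            // incomplete file at targetTrustJksPath.
            out = new FileOutputStream(targetTrustJksPath);
            keystoreTarget.store(out, storePassword);
        } catch (Exception e) {
            // Every failure (missing file, bad password, unsupported algorithm, I/O error, ...)
            // is reported the same way: log the cause, then signal the caller.
            _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
            throw new CertificateException(sm.getString("enterprise.tools.upgrade.unknownError"));
        } finally {
            // Close each stream on its own so a failure closing one cannot leak the other.
            if (in != null) {
                try {
                    in.close();
                } catch (Exception ignored) {
                    // best effort: the source has already been read
                }
            }
            if (out != null) {
                try {
                    out.close();
                } catch (Exception ignored) {
                    // best effort, as before
                }
            }
        }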
    
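/**
 * Copies every entry of the key store at {@code sourceJksPath} into a newly created key
 * store and writes that store to {@code targetJksPath}.
 *
 * <p>Key entries are copied with their certificate chain; certificate-only entries are
 * copied as certificate entries. Both stores use {@code KeyStore.getDefaultType()} and the
 * {@code jksKeyStorePassword} field, which also serves as the per-key password. The target
 * file is overwritten.
 *
 * @param sourceJksPath path of the key store to read
 * @param targetJksPath path of the key store to write
 * @throws CertificateException if loading, copying or storing fails for any reason; the
 *         underlying exception is logged at WARNING before this one is thrown
 */
private voidcopyKeyPairs(java.lang.String sourceJksPath, java.lang.String targetJksPath)

        FileInputStream in = null;
        FileOutputStream out = null;
        try {
            char[] storePassword = jksKeyStorePassword.toCharArray();
            KeyStore keystoreSource = KeyStore.getInstance(KeyStore.getDefaultType());
            KeyStore keystoreTarget = KeyStore.getInstance(KeyStore.getDefaultType());
            in = new FileInputStream(new File(sourceJksPath));
            keystoreSource.load(in, storePassword);
            // Loading from a null stream initializes an empty key store.
            keystoreTarget.load(null, storePassword);
            java.util.Enumeration en = keystoreSource.aliases();
            while (en.hasMoreElements()) {
                String alias = (String) en.nextElement();
                if (!keystoreSource.isKeyEntry(alias)) {
                    // A certificate-only alias has no key: getKey() returns null for it and
                    // setKeyEntry() cannot store that, which used to abort the whole copy.
                    // Carry it over as a certificate entry instead.
                    keystoreTarget.setCertificateEntry(alias, keystoreSource.getCertificate(alias));
                    _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.ca_transferred",alias));
                    continue;
                }
                _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.processing_keypair",alias));
                // The store password doubles as the key password; an entry protected with a
                // different password makes getKey() fail and the copy is abandoned.
                Key key = keystoreSource.getKey(alias, storePassword);
                java.security.cert.Certificate[] cert = keystoreSource.getCertificateChain(alias);
                keystoreTarget.setKeyEntry(alias, key, storePassword, cert);
                _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.alias_transferred",alias));
            }
            // NOTE(review): this file holds private keys and is created with the process's
            // default permissions; confirm they are no wider than those of the source store.
            // Opening the stream truncates the target, so a failure inside store() leaves an
            // incomplete file at targetJksPath.
            out = new FileOutputStream(targetJksPath);
            keystoreTarget.store(out, storePassword);
        } catch (Exception e) {
            // Every failure (missing file, bad password, unrecoverable key, I/O error, ...)
            // is reported the same way: log the cause, then signal the caller.
            _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.unknownError"),e);
            throw new CertificateException(sm.getString("enterprise.tools.upgrade.unknownError"));
        } finally {
            // Close each stream on its own so a failure closing one cannot leak the other.
            if (in != null) {
                try {
                    in.close();
                } catch (Exception ignored) {
                    // best effort: the source has already been read
                }
            }
            if (out != null) {
                try {
                    out.close();
                } catch (Exception ignored) {
                    // best effort, as before
                }
            }
        }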
    
/**
 * Backs up the target trust store and then the target key store before they are
 * overwritten.
 *
 * @param commonInfo not read here; the paths come from fields of this object
 */
private voiddoBackup(CommonInfoModel commonInfo)

        // Order matters only for failure: if the trust-store backup throws, the key-store
        // backup is never attempted.
        doCACertificateBackup();
        doKeyPairBackup();
    
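/**
 * Backs up the target trust store by copying {@code trustJksPath} to
 * {@code trustJksPath + ".back"} through {@link #copyCACertificates}.
 *
 * <p>The backup is a key store rebuilt entry by entry, not a byte-for-byte copy of the file.
 */
private voiddoCACertificateBackup()

        copyCACertificates(trustJksPath, trustJksPath+".back");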
    
/**
 * Backs up the target key store by copying {@code jksPath} to {@code jksPath + ".back"}
 * through {@link #copyKeyPairs}.
 */
private voiddoKeyPairBackup()

        // NOTE(review): the ".back" file contains the same private keys as the live key
        // store and stays on disk after a successful upgrade as far as this class shows;
        // confirm its permissions and lifetime are acceptable.
        copyKeyPairs(jksPath, jksPath+".back") ;
    
/**
 * Returns the module name looked up from the message bundle.
 *
 * @return the string stored under {@code enterprise.tools.upgrade.certconversion.moduleName}
 */
public java.lang.StringgetName()

        return sm.getString("enterprise.tools.upgrade.certconversion.moduleName");
    
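/**
 * Command-line entry point: fills a {@code CommonInfoModel} from the arguments and runs
 * {@link #upgrade}.
 *
 * @param args {@code args[0]} source install directory, {@code args[1]} target install
 *             directory, {@code args[2]} certificate database password, {@code args[3]}
 *             JKS key store password
 * @throws IllegalArgumentException if fewer than four arguments are given
 */
public static voidmain(java.lang.String[] args)

        // Fail with a usable message instead of an ArrayIndexOutOfBoundsException.
        if (args == null || args.length < 4) {
            throw new IllegalArgumentException(
                    "Usage: JKStoJKSConversionModule <sourceInstallDir> <targetInstallDir>"
                    + " <certDbPassword> <jksKeystorePassword>");
        }
        // NOTE(review): both passwords are taken from the command line, where they are
        // visible in the process list and in shell history; prefer a protected file or an
        // interactive prompt when this entry point is used outside of testing.
        CommonInfoModel commonInfo = new CommonInfoModel();
        commonInfo.setSourceInstallDir(args[0]);
        commonInfo.setTargetInstallDir(args[1]);
        commonInfo.setCertDbPassword(args[2]);
        commonInfo.setJksKeystorePassword(args[3]);
        // NOTE(review): upgrade() also reads the current domain, the domain option list and
        // getJksCAKeystorePassword(), none of which is set here; confirm CommonInfoModel
        // supplies them.
        JKStoJKSConversionModule convModule = new JKStoJKSConversionModule();
        convModule.upgrade(commonInfo);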
    
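/**
 * Restores the target key store and trust store from their {@code ".back"} copies.
 *
 * <p>The live files are first moved aside to {@code ".back1"}, then the {@code ".back"}
 * files are renamed into place, and finally the {@code ".back1"} files are deleted. If a
 * rename fails, a warning is logged, the files moved aside so far are renamed back on a
 * best-effort basis, and the method returns.
 *
 * @param commonInfo not read here; the paths come from the {@code jksPath} and
 *                   {@code trustJksPath} fields, which {@link #upgrade} sets
 */
public voidrecovery(CommonInfoModel commonInfo)

        File keypairKeyStoreOriginalFile = new File(jksPath);
        File keypairKeyStoreBackupFile = new File(jksPath+".back");
        File keypairKeyStoreAsideFile = new File(jksPath+".back1");
        File trustedKeyStoreOriginalFile = new File(trustJksPath);
        File trustedKeyStoreBackupFile = new File(trustJksPath+".back");
        File trustedKeyStoreAsideFile = new File(trustJksPath+".back1");
        // Remove leftovers of an earlier recovery so the renames below have a free target.
        keypairKeyStoreAsideFile.delete();
        trustedKeyStoreAsideFile.delete();
        // Step 1: move the live stores aside.
        boolean success = keypairKeyStoreOriginalFile.renameTo(keypairKeyStoreAsideFile);
        if(!success) {
            _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
            return;
        }
        success = trustedKeyStoreOriginalFile.renameTo(trustedKeyStoreAsideFile);
        if(!success) {
            _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
            // The key store was already moved aside; put it back so the domain is not left
            // without a key store at jksPath.
            keypairKeyStoreAsideFile.renameTo(keypairKeyStoreOriginalFile);
            return;
        }
        keypairKeyStoreOriginalFile.delete();
        trustedKeyStoreOriginalFile.delete();
        // Step 2: rename the backups into place.
        success = keypairKeyStoreBackupFile.renameTo(keypairKeyStoreOriginalFile);
        if(!success) {
            _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
            // Roll back: both live paths are empty here, so the files set aside can return.
            keypairKeyStoreAsideFile.renameTo(keypairKeyStoreOriginalFile);
            trustedKeyStoreAsideFile.renameTo(trustedKeyStoreOriginalFile);
            return;
        }
        success = trustedKeyStoreBackupFile.renameTo(trustedKeyStoreOriginalFile);
        if(!success) {
            _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
            // NOTE(review): the key store backup is already in place at jksPath, so the first
            // rename targets an existing file; File.renameTo() may overwrite it or fail
            // depending on the platform, and its result is not checked. The two stores can
            // therefore end up from different generations.
            keypairKeyStoreAsideFile.renameTo(keypairKeyStoreOriginalFile);
            trustedKeyStoreAsideFile.renameTo(trustedKeyStoreOriginalFile);
            return;
        }
        // Step 3: the restore succeeded, drop the files that were set aside.
        keypairKeyStoreAsideFile.delete();
        trustedKeyStoreAsideFile.delete();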
    
/**
 * Migrates the key store and trust store of the current domain from the source
 * installation to the target installation.
 *
 * <p>The target stores are backed up first, then overwritten with the entries of the
 * source stores. Nothing is done when the current domain is not in the domain option list.
 *
 * @param commonInfo supplies the current domain, the store paths and the store passwords
 * @return {@code true} when the domain was skipped or the migration completed,
 *         {@code false} when a {@code CertificateException} was raised
 */
public booleanupgrade(CommonInfoModel commonInfo)

        try {
            String currentDomain = commonInfo.getCurrentDomain();
            // A domain that is not in the option list is skipped and reported as success.
            if(!(commonInfo.getDomainOptionList().contains(currentDomain)))
                return true;
            // Cache paths and passwords in fields; recovery() later reads the two target paths.
            this.jksPath=commonInfo.getTargetJKSKeyStorePath();
            this.sourceJksPath=commonInfo.getSourceJKSKeyStorePath();
            this.trustJksPath = commonInfo.getTargetTrustedJKSKeyStorePath();
            this.sourceTrustJksPath = commonInfo.getSourceTrustedJKSKeyStorePath();
            // NOTE(review): both passwords stay in String fields for the lifetime of this object.
            this.jksKeyStorePassword=commonInfo.getJksKeystorePassword();
            this.jksCAkeyStorePassword=commonInfo.getJksCAKeystorePassword();
            this.commonInfo = commonInfo;
            _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.start_certificate_migration",currentDomain));
            // Back up the target stores before either of them is overwritten.
            doBackup(commonInfo);
            // If the second copy fails the key store is already replaced while the trust store
            // is not; this method does not call recovery() itself.
            // NOTE(review): presumably the upgrade framework invokes recovery() - confirm.
            copyKeyPairs(sourceJksPath,jksPath);
            copyCACertificates(sourceTrustJksPath,trustJksPath);
            _logger.log(Level.INFO,sm.getString("enterprise.tools.upgrade.certconversion.finished_certificate_migration",currentDomain));
        }catch(CertificateException ce) {
            // ce is passed as a message argument, not as the logger's Throwable, so no stack
            // trace is written here.
            _logger.log(Level.WARNING,sm.getString("enterprise.tools.upgrade.certconversion.could_not_migrate_certificates",ce));
            // Tell the progress manager not to continue the upgrade.
            UpdateProgressManager.getProgressManager().setContinueUpgrade(false);
            return false;
        }
        return true;