JKStoJKSConversionModule
public class JKStoJKSConversionModule extends Object implements BaseModule
Fields Summary |
---|
private static Logger | _logger | private com.sun.enterprise.util.i18n.StringManager | sm | private String | jksPath | private String | sourceJksPath | private String | trustJksPath | private String | sourceTrustJksPath | private String | jksKeyStorePassword | private String | jksCAkeyStorePassword | private boolean | certificateError | private CommonInfoModel | commonInfo |
Constructors Summary |
---|
/**
 * Creates the module and obtains the string manager registered under
 * {@code LogService.UPGRADE_CERTCONVERSION_LOGGER}, which supplies every
 * log message this class emits.
 */
public JKStoJKSConversionModule() {
    this.sm = StringManager.getManager(LogService.UPGRADE_CERTCONVERSION_LOGGER);
}
|
Methods Summary |
---|
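/**
 * Copies every certificate from the source trust store into a newly created
 * trust store and writes it to {@code targetTrustJksPath}, replacing any file
 * already there.
 *
 * <p>Both stores are opened with {@code jksCAkeyStorePassword} and are of
 * {@link KeyStore#getDefaultType()}, so the format written depends on the
 * running JDK's default keystore type.
 *
 * @param sourceTrustJksPath path of the trust store to read
 * @param targetTrustJksPath path of the trust store to create or overwrite
 * @throws CertificateException if reading, copying or writing fails; the
 *         underlying exception is logged at WARNING level and only the generic
 *         localized message is carried by the thrown exception
 */
private void copyCACertificates(String sourceTrustJksPath, String targetTrustJksPath)
        throws CertificateException {
    FileInputStream in = null;
    FileOutputStream out = null;
    char[] storePassword = null;
    try {
        KeyStore keystoreSource = KeyStore.getInstance(KeyStore.getDefaultType());
        KeyStore keystoreTarget = KeyStore.getInstance(KeyStore.getDefaultType());
        in = new FileInputStream(new File(sourceTrustJksPath));
        // One array for all keystore calls so it can be wiped afterwards. The
        // String field itself stays in memory, so this only limits extra copies.
        storePassword = jksCAkeyStorePassword.toCharArray();
        keystoreSource.load(in, storePassword);
        keystoreTarget.load(null, storePassword);
        java.util.Enumeration en = keystoreSource.aliases();
        while (en.hasMoreElements()) {
            String alias = (String) en.nextElement();
            // For a key entry getCertificate() yields the first certificate of its
            // chain, so such an entry arrives in the target as a certificate-only
            // entry (the private key is not copied by this method).
            java.security.cert.Certificate cert = keystoreSource.getCertificate(alias);
            keystoreTarget.setCertificateEntry(alias, cert);
            _logger.log(Level.INFO,
                    sm.getString("enterprise.tools.upgrade.certconversion.ca_transferred", alias));
        }
        out = new FileOutputStream(targetTrustJksPath);
        keystoreTarget.store(out, storePassword);
    } catch (Exception e) {
        // Every failure type (missing file, bad password, keystore or I/O error)
        // is reported the same way: full detail to the log, generic text to the caller.
        _logger.log(Level.WARNING, sm.getString("enterprise.tools.upgrade.unknownError"), e);
        throw new CertificateException(sm.getString("enterprise.tools.upgrade.unknownError"));
    } finally {
        if (storePassword != null) {
            java.util.Arrays.fill(storePassword, '\0');
        }
        // Close each stream on its own so a failure closing the input cannot
        // leave the output stream open.
        if (in != null) {
            try {
                in.close();
            } catch (IOException ignored) {
                // Nothing useful can be done about a failed close of a read-only stream.
            }
        }
        if (out != null) {
            try {
                out.close();
            } catch (IOException closeFailure) {
                // A failed close on the written trust store is worth a trace in the log.
                _logger.log(Level.WARNING,
                        sm.getString("enterprise.tools.upgrade.unknownError"), closeFailure);
            }
        }
    }
}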
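/**
 * Copies the entries of the source keystore into a newly created keystore and
 * writes it to {@code targetJksPath}, replacing any file already there.
 *
 * <p>Key entries are copied with their certificate chain. Certificate-only
 * entries are copied as certificate entries instead of being passed to
 * {@code getKey}/{@code setKeyEntry}, which would reject them and abort the
 * whole migration.
 *
 * <p>{@code jksKeyStorePassword} is used as the store password and as the
 * password of every key, on both sides. A key protected by a different
 * password cannot be recovered and fails with the generic error.
 *
 * <p>NOTE(review): the target file holds private keys and is created with the
 * process's default file permissions; confirm these are at least as strict as
 * those of the source keystore.
 *
 * @param sourceJksPath path of the keystore to read
 * @param targetJksPath path of the keystore to create or overwrite
 * @throws CertificateException if reading, copying or writing fails; the
 *         underlying exception is logged at WARNING level and only the generic
 *         localized message is carried by the thrown exception
 */
private void copyKeyPairs(String sourceJksPath, String targetJksPath)
        throws CertificateException {
    FileInputStream in = null;
    FileOutputStream out = null;
    char[] storePassword = null;
    try {
        KeyStore keystoreSource = KeyStore.getInstance(KeyStore.getDefaultType());
        KeyStore keystoreTarget = KeyStore.getInstance(KeyStore.getDefaultType());
        in = new FileInputStream(new File(sourceJksPath));
        // One array for all keystore calls so it can be wiped afterwards. The
        // String field itself stays in memory, so this only limits extra copies.
        storePassword = jksKeyStorePassword.toCharArray();
        keystoreSource.load(in, storePassword);
        keystoreTarget.load(null, storePassword);
        java.util.Enumeration en = keystoreSource.aliases();
        while (en.hasMoreElements()) {
            String alias = (String) en.nextElement();
            if (keystoreSource.isKeyEntry(alias)) {
                _logger.log(Level.INFO, sm.getString(
                        "enterprise.tools.upgrade.certconversion.processing_keypair", alias));
                Key key = keystoreSource.getKey(alias, storePassword);
                java.security.cert.Certificate[] chain =
                        keystoreSource.getCertificateChain(alias);
                keystoreTarget.setKeyEntry(alias, key, storePassword, chain);
                _logger.log(Level.INFO, sm.getString(
                        "enterprise.tools.upgrade.certconversion.alias_transferred", alias));
            } else if (keystoreSource.isCertificateEntry(alias)) {
                // No private key behind this alias; carry the certificate over unchanged.
                keystoreTarget.setCertificateEntry(alias, keystoreSource.getCertificate(alias));
                _logger.log(Level.INFO, sm.getString(
                        "enterprise.tools.upgrade.certconversion.alias_transferred", alias));
            }
        }
        out = new FileOutputStream(targetJksPath);
        keystoreTarget.store(out, storePassword);
    } catch (Exception e) {
        // Every failure type (missing file, bad password, unrecoverable key,
        // keystore or I/O error) is reported the same way: full detail to the
        // log, generic text to the caller.
        _logger.log(Level.WARNING, sm.getString("enterprise.tools.upgrade.unknownError"), e);
        throw new CertificateException(sm.getString("enterprise.tools.upgrade.unknownError"));
    } finally {
        if (storePassword != null) {
            java.util.Arrays.fill(storePassword, '\0');
        }
        // Close each stream on its own so a failure closing the input cannot
        // leave the output stream open.
        if (in != null) {
            try {
                in.close();
            } catch (IOException ignored) {
                // Nothing useful can be done about a failed close of a read-only stream.
            }
        }
        if (out != null) {
            try {
                out.close();
            } catch (IOException closeFailure) {
                // A failed close on the written keystore is worth a trace in the log.
                _logger.log(Level.WARNING,
                        sm.getString("enterprise.tools.upgrade.unknownError"), closeFailure);
            }
        }
    }
}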
/**
 * Writes ".back" copies of the target trust store and the target key-pair
 * keystore, in that order, before the migration overwrites them.
 *
 * @param commonInfo not read here; the backup helpers use the paths cached on this instance
 * @throws CertificateException if either backup cannot be written
 */
private void doBackup(CommonInfoModel commonInfo) throws CertificateException {
    // Trust store first, then the keystore holding the private keys.
    doCACertificateBackup();
    doKeyPairBackup();
}
/**
 * Backs up the target trust store to {@code trustJksPath + ".back"}.
 *
 * <p>The backup is produced by {@code copyCACertificates}, i.e. the certificates
 * are read and re-written into a new store rather than the file being copied
 * byte for byte. A failure surfaces as a {@code CertificateException} from that
 * call instead of being logged and ignored.
 *
 * @throws CertificateException if the trust store cannot be read or the backup cannot be written
 */
private void doCACertificateBackup() throws CertificateException {
    final String backupPath = trustJksPath + ".back";
    copyCACertificates(trustJksPath, backupPath);
}
/**
 * Backs up the target key-pair keystore to {@code jksPath + ".back"} by
 * re-writing its entries through {@code copyKeyPairs}.
 *
 * <p>NOTE(review): the backup contains the same private keys as the original;
 * confirm it is created with equally restrictive file permissions and removed
 * once it is no longer needed.
 *
 * @throws CertificateException if the keystore cannot be read or the backup cannot be written
 */
private void doKeyPairBackup() throws CertificateException {
    final String backupPath = jksPath + ".back";
    copyKeyPairs(jksPath, backupPath);
}
/**
 * Returns the localized display name of this upgrade module.
 *
 * @return the string registered under
 *         {@code enterprise.tools.upgrade.certconversion.moduleName}
 */
public String getName() {
    final String moduleName =
            sm.getString("enterprise.tools.upgrade.certconversion.moduleName");
    return moduleName;
}
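/**
 * Command-line entry point that runs the conversion once.
 *
 * <p>Expected arguments, in order: source install directory, target install
 * directory, certificate database password, JKS keystore password.
 *
 * <p>Both passwords are taken from the command line, where they are visible to
 * other local users through process listings and may be kept in shell history.
 * That makes this entry point suitable for manual testing only.
 *
 * <p>NOTE(review): only the key-pair keystore password is supplied here, while
 * {@code upgrade} also reads {@code getJksCAKeystorePassword()}; confirm that
 * {@code CommonInfoModel} provides a value for it.
 *
 * @param args the four arguments described above
 */
public static void main(String[] args) {
    // Reject a short argument list up front instead of failing on an array index.
    if (args == null || args.length < 4) {
        System.err.println("Usage: JKStoJKSConversionModule <sourceInstallDir>"
                + " <targetInstallDir> <certDbPassword> <jksKeystorePassword>");
        return;
    }
    CommonInfoModel commonInfo = new CommonInfoModel();
    commonInfo.setSourceInstallDir(args[0]);
    commonInfo.setTargetInstallDir(args[1]);
    commonInfo.setCertDbPassword(args[2]);
    commonInfo.setJksKeystorePassword(args[3]);
    JKStoJKSConversionModule convModule = new JKStoJKSConversionModule();
    convModule.upgrade(commonInfo);
}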
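/**
 * Restores the key-pair keystore and the trust store from their ".back" copies.
 *
 * <p>The current files are first moved aside to ".back1", then the ".back"
 * files are renamed into place, and finally the ".back1" files are deleted.
 * If any step fails, the steps already taken are undone so that both stores
 * are left as they were before the call. In particular the key-pair keystore
 * is moved back when the trust store cannot be moved aside, and a keystore
 * that was already restored is returned to ".back" when the trust store
 * restore fails.
 *
 * <p>Uses the paths cached by {@code upgrade}; every failure is logged at
 * WARNING level and the method returns without throwing.
 *
 * @param commonInfo not read here
 */
public void recovery(CommonInfoModel commonInfo) {
    File keypairOriginal = new File(jksPath);
    File keypairBackup = new File(jksPath + ".back");
    File keypairAside = new File(jksPath + ".back1");
    File trustOriginal = new File(trustJksPath);
    File trustBackup = new File(trustJksPath + ".back");
    File trustAside = new File(trustJksPath + ".back1");

    // Leftovers of an earlier attempt would block the renames below.
    keypairAside.delete();
    trustAside.delete();

    // Step 1: move the current stores out of the way.
    if (!keypairOriginal.renameTo(keypairAside)) {
        _logger.log(Level.WARNING, sm.getString(
                "enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
        return;
    }
    if (!trustOriginal.renameTo(trustAside)) {
        _logger.log(Level.WARNING, sm.getString(
                "enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
        // The keystore was already moved aside; put it back so the domain is
        // not left without one.
        if (!keypairAside.renameTo(keypairOriginal)) {
            _logger.log(Level.WARNING, sm.getString(
                    "enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
        }
        return;
    }

    // Step 2: rename the backups into place.
    if (!keypairBackup.renameTo(keypairOriginal)) {
        _logger.log(Level.WARNING, sm.getString(
                "enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
        boolean keypairUndone = keypairAside.renameTo(keypairOriginal);
        boolean trustUndone = trustAside.renameTo(trustOriginal);
        if (!keypairUndone || !trustUndone) {
            _logger.log(Level.WARNING, sm.getString(
                    "enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
        }
        return;
    }
    if (!trustBackup.renameTo(trustOriginal)) {
        _logger.log(Level.WARNING, sm.getString(
                "enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
        // Return the restored keystore to its backup name first, so the rename
        // of the set-aside file does not collide with or overwrite it.
        boolean backupKept = keypairOriginal.renameTo(keypairBackup);
        boolean keypairUndone = backupKept && keypairAside.renameTo(keypairOriginal);
        boolean trustUndone = trustAside.renameTo(trustOriginal);
        if (!keypairUndone || !trustUndone) {
            _logger.log(Level.WARNING, sm.getString(
                    "enterprise.tools.upgrade.certconversion.could_not_recover_certificates"));
        }
        return;
    }

    // Step 3: both stores restored; the set-aside copies are no longer needed.
    keypairAside.delete();
    trustAside.delete();
}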
/**
 * Migrates the key-pair keystore and the trust store of the current domain
 * from the source installation to the target installation.
 *
 * <p>When the current domain is not in the domain option list, nothing is done.
 * Otherwise the keystore paths and passwords are cached on this instance, the
 * target stores are backed up to ".back" files, and the source stores are then
 * copied over the targets. On failure the targets may already be partly
 * rewritten; this method does not call {@code recovery} itself.
 *
 * @param commonInfo supplies the current domain, the keystore paths and the passwords
 * @return {@code true} if the domain was skipped or the migration finished;
 *         {@code false} if a {@code CertificateException} aborted it, in which
 *         case the progress manager is also told not to continue the upgrade
 */
public boolean upgrade(CommonInfoModel commonInfo) {
    try {
        final String domainName = commonInfo.getCurrentDomain();
        if (commonInfo.getDomainOptionList().contains(domainName)) {
            // Cache everything the copy, backup and recovery methods read later.
            this.jksPath = commonInfo.getTargetJKSKeyStorePath();
            this.sourceJksPath = commonInfo.getSourceJKSKeyStorePath();
            this.trustJksPath = commonInfo.getTargetTrustedJKSKeyStorePath();
            this.sourceTrustJksPath = commonInfo.getSourceTrustedJKSKeyStorePath();
            this.jksKeyStorePassword = commonInfo.getJksKeystorePassword();
            this.jksCAkeyStorePassword = commonInfo.getJksCAKeystorePassword();
            this.commonInfo = commonInfo;

            _logger.log(Level.INFO, sm.getString(
                    "enterprise.tools.upgrade.certconversion.start_certificate_migration",
                    domainName));
            // Back up the targets before either of them is overwritten.
            doBackup(commonInfo);
            copyKeyPairs(sourceJksPath, jksPath);
            copyCACertificates(sourceTrustJksPath, trustJksPath);
            _logger.log(Level.INFO, sm.getString(
                    "enterprise.tools.upgrade.certconversion.finished_certificate_migration",
                    domainName));
        }
        return true;
    } catch (CertificateException ce) {
        _logger.log(Level.WARNING, sm.getString(
                "enterprise.tools.upgrade.certconversion.could_not_migrate_certificates", ce));
        // Stop the remaining upgrade modules from running.
        UpdateProgressManager.getProgressManager().setContinueUpgrade(false);
        return false;
    }
}
|
|