Commit 7dc07352 authored by Guus der Kinderen's avatar Guus der Kinderen Committed by akrherz

OF-1493: Admin console: Show PEM representation of certificate.

When displaying the details of a certificate, the admin console now also shows
its PEM representation. This is convenient for copy/pasting the certificate into
other tools.
parent e572677e
...@@ -30,6 +30,7 @@ import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter; ...@@ -30,6 +30,7 @@ import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils; import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder; import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.openssl.*; import org.bouncycastle.openssl.*;
import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder; import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
...@@ -247,6 +248,24 @@ public class CertificateManager { ...@@ -247,6 +248,24 @@ public class CertificateManager {
return string.toString(); return string.toString();
} }
/**
* Generates a PEM representation of the input argument.
*
* @param object the input argument (cannot be null).
* @return PEM representation of the input argument.
* @throws IOException When a PEM representation of the input could not be created.
*/
public static String toPemRepresentation( Object object ) throws IOException
{
final StringWriter result = new StringWriter();
try ( final PemWriter pemWriter = new PemWriter(result) )
{
final PemObjectGenerator objGen = new JcaMiscPEMGenerator ( object );
pemWriter.writeObject( objGen );
}
return result.toString();
}
public static PrivateKey parsePrivateKey(String pemRepresentation, String passPhrase) throws IOException { public static PrivateKey parsePrivateKey(String pemRepresentation, String passPhrase) throws IOException {
if (pemRepresentation == null || pemRepresentation.trim().isEmpty()) { if (pemRepresentation == null || pemRepresentation.trim().isEmpty()) {
......
...@@ -11,6 +11,8 @@ ...@@ -11,6 +11,8 @@
<%@ page import="java.util.HashMap" %> <%@ page import="java.util.HashMap" %>
<%@ page import="java.util.Map" %> <%@ page import="java.util.Map" %>
<%@ page import="org.jivesoftware.openfire.XMPPServer" %> <%@ page import="org.jivesoftware.openfire.XMPPServer" %>
<%@ page import="org.jivesoftware.util.CertificateManager" %>
<%@ page import="org.bouncycastle.cert.X509CertificateHolder" %>
<%@ taglib uri="admin" prefix="admin" %> <%@ taglib uri="admin" prefix="admin" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
...@@ -451,6 +453,30 @@ ...@@ -451,6 +453,30 @@
<br/> <br/>
<div class="jive-table">
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<thead>
<tr>
<th>
PEM representation
</th>
</tr>
</thead>
<tbody>
<tr>
<%
final String pemRepresentation = CertificateManager.toPemRepresentation( (X509Certificate) pageContext.getAttribute( "certificate" ) );
%>
<td class="c1" align="center">
<textarea readonly cols="72" rows="<%= pemRepresentation.split( "\n" ).length + 5 %>"><%= pemRepresentation %></textarea>
</td>
</tr>
</tbody>
</table>
</div>
<br/>
<form action="security-certificate-details.jsp"> <form action="security-certificate-details.jsp">
<input type="hidden" name="connectionType" value="${connectionType}"/> <input type="hidden" name="connectionType" value="${connectionType}"/>
<input type="hidden" name="isTrustStore" value="${param.isTrustStore}"/> <input type="hidden" name="isTrustStore" value="${param.isTrustStore}"/>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment