<%@ page import="org.jivesoftware.util.CertificateManager" %>
<%@ page import="org.jivesoftware.util.ParamUtils" %>
<%@ page import="org.jivesoftware.openfire.XMPPServer" %>
<%@ page import="org.jivesoftware.openfire.net.SSLConfig" %>
<%@ page import="java.security.KeyStore" %>
<%@ page import="java.security.cert.X509Certificate" %>
<%@ page import="java.util.Enumeration" %>
<%@ page import="java.util.HashMap" %>
<%@ page import="java.util.Map" %>
<%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
<% webManager.init(request, response, session, application, out ); %>
<%--
Created by IntelliJ IDEA.
User: gato
Date: Nov 6, 2006
Time: 3:15:13 PM
To change this template use File | Settings | File Templates.
--%>
<% // Get parameters:
boolean save = ParamUtils.getParameter(request, "save") != null;
String name = ParamUtils.getParameter(request, "name");
String organizationalUnit = ParamUtils.getParameter(request, "ou");
String organization = ParamUtils.getParameter(request, "o");
String city = ParamUtils.getParameter(request, "city");
String state = ParamUtils.getParameter(request, "state");
String countryCode = ParamUtils.getParameter(request, "country");
Map errors = new HashMap();
if (save) {
KeyStore keyStore;
try {
keyStore = SSLConfig.getKeyStore();
}
catch (Exception e) {
keyStore = SSLConfig.initializeKeyStore();
}
// Verify that fields were completed
if (name == null) {
errors.put("name", "");
}
if (organizationalUnit == null) {
errors.put("organizationalUnit", "");
}
if (organization == null) {
errors.put("organization", "");
}
if (city == null) {
errors.put("city", "");
}
if (state == null) {
errors.put("state", "");
}
if (countryCode == null) {
errors.put("countryCode", "");
}
if (errors.size() == 0) {
try {
// Regenerate self-sign certs whose subjectDN matches the issuerDN and set the new issuerDN
String domain = XMPPServer.getInstance().getServerInfo().getXMPPDomain();
StringBuilder issuerDN = new StringBuilder();
issuerDN.append("CN=").append(name);
issuerDN.append(", OU=").append(organizationalUnit);
issuerDN.append(", O=").append(organization);
issuerDN.append(", L=").append(city);
issuerDN.append(", ST=").append(state);
issuerDN.append(", C=").append(countryCode);
StringBuilder subjectDN = new StringBuilder();
subjectDN.append("CN=").append(domain);
subjectDN.append(", OU=").append(organizationalUnit);
subjectDN.append(", O=").append(organization);
subjectDN.append(", L=").append(city);
subjectDN.append(", ST=").append(state);
subjectDN.append(", C=").append(countryCode);
// Update certs with new issuerDN information
for (Enumeration certAliases = keyStore.aliases(); certAliases.hasMoreElements();) {
String alias = certAliases.nextElement();
X509Certificate certificate = (X509Certificate) keyStore.getCertificate(alias);
// Update only Self-signed certs
if (CertificateManager.isSelfSignedCertificate(keyStore, alias)) {
if (CertificateManager.isDSACertificate(certificate)) {
CertificateManager.createDSACert(keyStore, SSLConfig.getKeyPassword(), alias,
issuerDN.toString(), subjectDN.toString(), "*." + domain);
} else {
CertificateManager.createRSACert(keyStore, SSLConfig.getKeyPassword(), alias,
issuerDN.toString(), subjectDN.toString(), "*." + domain);
}
}
}
// Save keystore
SSLConfig.saveStores();
// Log the event
webManager.logEvent("generated SSL signing request", null);
response.sendRedirect("ssl-certificates.jsp?issuerUpdated=true");
return;
}
catch (Exception e) {
e.printStackTrace();
errors.put("general", "");
}
}
}
%>
<fmt:message key="ssl.signing-request.title"/>
<% if (errors.containsKey("name")) { %>
<% } else if (errors.containsKey("organizationalUnit")) { %>
<% } else if (errors.containsKey("organization")) { %>
<% } else if (errors.containsKey("city")) { %>
<% } else if (errors.containsKey("state")) { %>
<% } else if (errors.containsKey("countryCode")) { %>
<% } %>
