subjectAltName = x509ca.getSubjectAltName();
}
UserDataVO cainfodata = new UserDataVO("nobody", ca.getSubjectDN(), ca.getSubjectDN().hashCode(), subjectAltName, null, 0, 0, 0, ca
.getCertificateProfileId(), null, null, 0, 0, null);
CertificateProfile certprofile = certificateProfileSession.getCertificateProfile(admin, ca.getCertificateProfileId());
// get from CAtoken to make sure it is fresh
String sequence = caToken.getCATokenInfo().getKeySequence();
cacertificate = ca.generateCertificate(cainfodata, ca.getCAToken().getPublicKey(SecConst.CAKEYPURPOSE_CERTSIGN), -1, ca.getValidity(),
certprofile, sequence);
// Build Certificate Chain
cachain = new ArrayList<Certificate>();
cachain.add(cacertificate);
} else {
// Resign with CA above.
if (ca.getSignedBy() > CAInfo.SPECIALCAIDBORDER || ca.getSignedBy() < 0) {
// Create CA signed by other internal CA.
CAData signcadata = CAData.findByIdOrThrow(entityManager, Integer.valueOf(ca.getSignedBy()));
CA signca = signcadata.getCA();
// Check that the signer is valid
checkSignerValidity(admin, signcadata);
// Create cacertificate
String subjectAltName = null;
if (ca instanceof X509CA) {
X509CA x509ca = (X509CA) ca;
subjectAltName = x509ca.getSubjectAltName();
}
UserDataVO cainfodata = new UserDataVO("nobody", ca.getSubjectDN(), ca.getSubjectDN().hashCode(), subjectAltName, null, 0, 0, 0, ca
.getCertificateProfileId(), null, null, 0, 0, null);
CertificateProfile certprofile = certificateProfileSession.getCertificateProfile(admin, ca.getCertificateProfileId());
String sequence = caToken.getCATokenInfo().getKeySequence(); // get from CAtoken to make sure it is fresh
cacertificate = signca.generateCertificate(cainfodata, ca.getCAToken().getPublicKey(SecConst.CAKEYPURPOSE_CERTSIGN), -1, ca
.getValidity(), certprofile, sequence);
// Build Certificate Chain
Collection<Certificate> rootcachain = signca.getCertificateChain();