Examples of org.ejbca.core.model.ca.certificateprofiles.EndUserCertificateProfile

• org.ejbca.core.model.ca.certificateprofiles.EndUserCertificateProfile
  EndUserCertificateProfile is a class defining the fixed characteristics of an enduser certificate type @version $Id: EndUserCertificateProfile.java 8696 2010-03-02 15:31:44Z anatom $

    /**
     * @throws Exception if an error occurs...
     */
    public void test01CodeSigning() throws Exception {
        certificateProfileSession.removeCertificateProfile(admin,"EXTKEYUSAGECERTPROFILE");
        final EndUserCertificateProfile certprof = new EndUserCertificateProfile();
        ArrayList<String> list = new ArrayList<String>();
        list.add("1.3.6.1.4.1.311.2.1.21"); // MS individual code signing
        list.add("1.3.6.1.4.1.311.2.1.22"); // MS commercial code signing
        certprof.setExtendedKeyUsage(list);
        certificateProfileSession.addCertificateProfile(admin, "EXTKEYUSAGECERTPROFILE", certprof);
        final int fooCertProfile = certificateProfileSession.getCertificateProfileId(admin,"EXTKEYUSAGECERTPROFILE");

        endEntityProfileSession.removeEndEntityProfile(admin, "EXTKEYUSAGEEEPROFILE");
        final EndEntityProfile profile = new EndEntityProfile(true);

    /**
     * @throws Exception if an error occurs...
     */
    public void test02SSH() throws Exception {
        certificateProfileSession.removeCertificateProfile(admin,"EXTKEYUSAGECERTPROFILE");
        final EndUserCertificateProfile certprof = new EndUserCertificateProfile();
        ArrayList<String> list = new ArrayList<String>();
        certprof.setExtendedKeyUsage(list);
        certificateProfileSession.addCertificateProfile(admin, "EXTKEYUSAGECERTPROFILE", certprof);
        final int fooCertProfile = certificateProfileSession.getCertificateProfileId(admin,"EXTKEYUSAGECERTPROFILE");

        endEntityProfileSession.removeEndEntityProfile(admin, "EXTKEYUSAGEEEPROFILE");
        final EndEntityProfile profile = new EndEntityProfile(true);
        profile.setValue(EndEntityProfile.AVAILCERTPROFILES,0,Integer.toString(fooCertProfile));
        endEntityProfileSession.addEndEntityProfile(admin, "EXTKEYUSAGEEEPROFILE", profile);
        final int fooEEProfile = endEntityProfileSession.getEndEntityProfileId(admin, "EXTKEYUSAGEEEPROFILE");

        createOrEditUser(fooCertProfile, fooEEProfile);

        X509Certificate cert = (X509Certificate) signSession.createCertificate(admin, "extkeyusagefoo", "foo123", rsakeys.getPublic());
        assertNotNull("Failed to create certificate", cert);
        //log.debug("Cert=" + cert.toString());
        List<String> ku = cert.getExtendedKeyUsage();
        assertNull(ku);

        // Now add the SSH extended key usages
        list.add("1.3.6.1.5.5.7.3.21"); // SSH client
        list.add("1.3.6.1.5.5.7.3.22"); // SSH server
        certprof.setExtendedKeyUsage(list);
        certificateProfileSession.changeCertificateProfile(admin, "EXTKEYUSAGECERTPROFILE", certprof);
        createOrEditUser(fooCertProfile, fooEEProfile);
        cert = (X509Certificate) signSession.createCertificate(admin, "extkeyusagefoo", "foo123", rsakeys.getPublic());
        assertNotNull("Failed to create certificate", cert);
        //log.debug("Cert=" + cert.toString());

        final GlobalConfiguration newGlobalConfig = globalConfigurationSession.getCachedGlobalConfiguration(administrator);
        newGlobalConfig.setEnableKeyRecovery(true);
        globalConfigurationSession.saveGlobalConfigurationRemote(administrator, newGlobalConfig);

        // Setup with two new Certificate profiles.
        final EndUserCertificateProfile profile1 = new EndUserCertificateProfile();
        profile1.setKeyUsage(CertificateProfile.DIGITALSIGNATURE, false);
        profile1.setKeyUsage(CertificateProfile.KEYENCIPHERMENT, false);
        profile1.setKeyUsage(CertificateProfile.NONREPUDIATION, true);

        final EndUserCertificateProfile profile2 = new EndUserCertificateProfile();
        profile2.setKeyUsage(CertificateProfile.DATAENCIPHERMENT, true);

        certificateProfileSession.addCertificateProfile(administrator, certprofilename1, profile1);
        certificateProfileSession.addCertificateProfile(administrator, certprofilename2, profile2);

        final int profile1Id = certificateProfileSession.getCertificateProfileId(administrator, certprofilename1);

        gc.setEnableEndEntityProfileLimitations(false);
        raAdminSession.saveGlobalConfigurationRemote(intAdmin, gc);
        if (certificateProfileSession.getCertificateProfileId(intAdmin, "WSTESTPROFILE") != 0) {
            certificateProfileSession.removeCertificateProfile(intAdmin, "WSTESTPROFILE");
        }
        CertificateProfile profile = new EndUserCertificateProfile();
        profile.setAllowValidityOverride(true);
        certificateProfileSession.addCertificateProfile(intAdmin, "WSTESTPROFILE", profile);
        UserDataVOWS tokenUser1 = new UserDataVOWS();
        tokenUser1.setUsername(username);
        tokenUser1.setPassword("foo123");
        tokenUser1.setClearPwd(true);

        updatePropertyOnServer(CmpConfiguration.CONFIG_RA_ENDENTITYPROFILE, EEPNAME);
        updatePropertyOnServer(CmpConfiguration.CONFIG_RACANAME, cainfo.getName());
        // Configure a Certificate profile (CmpRA) using ENDUSER as template and
        // check "Allow validity override".
        if (certificateProfileSession.getCertificateProfile(admin, CPNAME) == null) {
            CertificateProfile cp = new EndUserCertificateProfile();
            cp.setAllowValidityOverride(true);
            try { // TODO: Fix this better
                certificateProfileSession.addCertificateProfile(admin, CPNAME, cp);
            } catch (CertificateProfileExistsException e) {
                e.printStackTrace();
            }