Skip to content

Commit fb01ccf

Browse files
author
Chris Wiechmann
committed
Back to certInfo endpoint as cerinfoFromUrl is not available in older releases
#221
1 parent c8b978f commit fb01ccf

2 files changed

Lines changed: 10 additions & 4 deletions

File tree

modules/apim-adapter/src/main/java/com/axway/apim/adapter/APIManagerAdapter.java

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
package com.axway.apim.adapter;
22

3+
import java.io.File;
34
import java.io.InputStream;
45
import java.net.URI;
56
import java.net.URL;
@@ -542,21 +543,26 @@ public static String getApiManagerName() throws AppException {
542543
return APIManagerAdapter.apiManagerName;
543544
}
544545

545-
public static JsonNode getCertInfoFromFile(InputStream certFile, CaCert cert) throws AppException {
546+
public static JsonNode getCertInfo(InputStream certificate, String password, CaCert cert) throws AppException {
546547
URI uri;
547548
HttpResponse httpResponse = null;
548549
try {
549550
uri = new URIBuilder(cmd.getAPIManagerURL()).setPath(cmd.getApiBasepath() + "/certinfo").build();
550551
HttpEntity entity = MultipartEntityBuilder.create()
551-
.addBinaryBody("file", IOUtils.toByteArray(certFile), ContentType.create("application/x-x509-ca-cert"), cert.getCertFile())
552+
.addBinaryBody("file", certificate, ContentType.create("application/x-x509-ca-cert"), cert.getCertFile())
552553
.addTextBody("inbound", cert.getInbound())
553554
.addTextBody("outbound", cert.getOutbound())
555+
.addTextBody("passphrase", password)
554556
.build();
555557
POSTRequest postRequest = new POSTRequest(entity, uri);
556558
httpResponse = postRequest.execute();
557559
int statusCode = httpResponse.getStatusLine().getStatusCode();
558560
String response = EntityUtils.toString(httpResponse.getEntity());
559561
if( statusCode != 200){
562+
if(response!=null && response.contains("Bad password")) {
563+
LOG.debug("API-Manager failed to read certificate information: " + cert.getCertFile() + ". Got response: '"+response+"'.");
564+
throw new AppException("Password for keystore: '" + cert.getCertFile() + "' is wrong.", ErrorCode.WRONG_KEYSTORE_PASSWORD);
565+
}
560566
throw new AppException("API-Manager failed to read certificate information from file. Got response: '"+response+"'", ErrorCode.API_MANAGER_COMMUNICATION);
561567
}
562568
JsonNode jsonResponse = mapper.readTree(response);

modules/apis/src/main/java/com/axway/apim/apiimport/APIImportConfigAdapter.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -458,7 +458,7 @@ private void completeCaCerts(API apiConfig) throws AppException {
458458
for(CaCert cert :apiConfig.getCaCerts()) {
459459
if(cert.getCertBlob()==null) {
460460
try(InputStream is = getInputStreamForCertFile(cert)) {
461-
JsonNode certInfo = APIManagerAdapter.getCertInfoFromFile(is, cert);
461+
JsonNode certInfo = APIManagerAdapter.getCertInfo(is, null, cert);
462462
CaCert completedCert = mapper.readValue(certInfo.get(0).toString(), CaCert.class);
463463
completedCaCerts.add(completedCert);
464464
} catch (Exception e) {
@@ -829,7 +829,7 @@ private void handleOutboundSSLAuthN(AuthenticationProfile authnProfile) throws A
829829
cert.setInbound("false");
830830
cert.setOutbound("true");
831831
// This call is to validate the given password, keystore is valid
832-
APIManagerAdapter.getCertInfoFromUrl(fileData.get("data").asText(), password, cert);
832+
APIManagerAdapter.getCertInfo(new FileInputStream(clientCertFile), password, cert);
833833
String data = fileData.get("data").asText();
834834
authnProfile.getParameters().put("pfx", data);
835835
authnProfile.getParameters().remove("certFile");

0 commit comments

Comments
 (0)