diff --git a/src/main/java/de/mlessmann/certassist/openssl/OpenSSLCertificateCreator.java b/src/main/java/de/mlessmann/certassist/openssl/OpenSSLCertificateCreator.java
index da0b1da..97932e1 100644
--- a/src/main/java/de/mlessmann/certassist/openssl/OpenSSLCertificateCreator.java
+++ b/src/main/java/de/mlessmann/certassist/openssl/OpenSSLCertificateCreator.java
@@ -282,11 +282,8 @@ public class OpenSSLCertificateCreator {
 "-out",
 outFile.toString(),
 "-extfile",
- extFile.toString(),
- "-passout",
- "env:KEY_PASS"
+ extFile.toString()
 )
- .environment("KEY_PASS", certPassword)
 .redirectOutput(Slf4jStream.ofCaller().asDebug())
 .redirectError(Slf4jStream.ofCaller().asError())
 .start();
diff --git a/src/main/java/de/mlessmann/certassist/service/CertificateCreationService.java b/src/main/java/de/mlessmann/certassist/service/CertificateCreationService.java
index a2b6988..39087de 100644
--- a/src/main/java/de/mlessmann/certassist/service/CertificateCreationService.java
+++ b/src/main/java/de/mlessmann/certassist/service/CertificateCreationService.java
@@ -47,8 +47,8 @@ public class CertificateCreationService {
 certificateRequest
 );
 ) {
- certificate.setPrivateKey(Files.readAllBytes(certificateCreatorResult.getPrivateKeyPath()));
- certificate.setCert(Files.readAllBytes(certificateCreatorResult.getCertificatePath()));
+ certificate.setPrivateKey(Files.readAllBytes(certificateCreatorResult.certificateKeyPath()));
+ certificate.setCert(Files.readAllBytes(certificateCreatorResult.certificatePath()));
 } catch (InterruptedException e) {
 Thread.currentThread().interrupt();
 throw new IllegalStateException("Interrupted exception", e);
diff --git a/src/test/java/de/mlessmann/certassist/TestOpenSSLCertificateCreator.java b/src/test/java/de/mlessmann/certassist/TestOpenSSLCertificateCreator.java
index f7b70d8..5946271 100644
--- a/src/test/java/de/mlessmann/certassist/TestOpenSSLCertificateCreator.java
+++ b/src/test/java/de/mlessmann/certassist/TestOpenSSLCertificateCreator.java
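Review bot: In the OpenSSLCertificateCreator.java hunk, no passphrase source is left on this openssl invocation once `"-passout", "env:KEY_PASS"` and `.environment("KEY_PASS", certPassword)` are removed. If the signing key named earlier in the argument list (outside this hunk) can be passphrase-protected, the process is likely to fail or stall on a prompt it never receives. If protected keys are meant to be supported, the input-side option is the fit, supplied through the environment as before so the secret stays out of the process arguments: `"-passin", "env:KEY_PASS"` plus `.environment("KEY_PASS", certPassword)`. It is also worth checking whether `certPassword` is still read anywhere in this method, because an unused password parameter lets callers assume a key is protected when it is not. The builder chain starts above the hunk, so this is inferred from the visible arguments only.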
@@ -1,8 +1,7 @@
 package de.mlessmann.certassist;
-import static org.assertj.core.api.Assertions.*;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.*;
 import de.mlessmann.certassist.openssl.*;
 import de.mlessmann.certassist.openssl.CertificateRequest.RequestType;
@@ -38,8 +37,24 @@ class TestOpenSSLCertificateCreator {
 .build();
 try (var cert = certificateCreator.createCertificate(certRequest)) {
- assertThat(certificateCreator.verifyCertificate(cert.getCertificatePath())).isEqualTo(true);
+ assertThat(certificateCreator.verifyCertificate(cert.certificatePath())).isEqualTo(true);
 System.out.println("Certificate created: " + cert);
+
+ CertificateRequest childRequest = CertificateRequest
+ .builder()
+ .commonName("test.local")
+ .type(RequestType.NORMAL_CERTIFICATE)
+ .trustingAuthority(cert.fingerprint())
+ .subject(CertificateSubject.builder().country("DE").state("SH").locality("HH").organization("Crazy-Cats"))
+ .build();
+
+ var spiedCert = spy(cert);
+ doNothing().when(spiedCert).close();
+ when(certificateProvider.requestCertificateUsage(cert.fingerprint())).thenReturn(spiedCert);
+ try (var childCert = certificateCreator.createCertificate(childRequest)) {
+ System.out.println("Child certificate created: " + childCert);
+ assertThat(certificateCreator.verifyCertificate(childCert.certificatePath())).isEqualTo(true);
+ }
 }
 }
 }
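Review bot: The new child-certificate block in TestOpenSSLCertificateCreator.java never asserts that the child was actually issued by `cert`. It only checks `verifyCertificate(childCert.certificatePath())`, and whether that method validates the issuer chain is not visible here. Adding `verify(certificateProvider).requestCertificateUsage(cert.fingerprint());` after the inner try would make the test fail if the creator stops resolving the trusting authority, and an issuer-versus-parent-subject comparison would pin the chain itself. `System.out.println("Child certificate created: " + childCert);` prints whatever the result's `toString()` exposes, which may include key file paths (the type is not shown), so a debug-level logger is the safer choice. As a style point, `isEqualTo(true)` reads better as `isTrue()`.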