Permalink
Browse files

Refactoring SSL to use a Betamax Root Certificate.

  • Loading branch information...
cowboygneox committed Jun 13, 2016
1 parent 4bf035d commit 05431658805eded5778daac52029a1b396a9d351
View
@@ -19,3 +19,5 @@ build/
lib/
log.txt
target/
*.csr
*.cert
@@ -34,7 +34,7 @@
*/
public class DynamicSelfSignedSslEngineSource implements SslEngineSource {
private static final String PASSWORD = "Be Your Own Lantern";
private static final String PASSWORD = "changeit";
private static final String PROTOCOL = "TLS";
private final File keyStoreFile;
@@ -65,14 +65,23 @@ private void initializeKeyStore() {
return;
}
// Generate a private key / cert for this site
nativeCall("keytool", "-genkey", "-alias", this.host, "-keysize",
"4096", "-validity", "36500", "-keyalg", "RSA", "-dname",
"CN=" + this.host, "-keypass", PASSWORD, "-storepass",
PASSWORD, "-keystore", keyStoreFile.getName());
nativeCall("keytool", "-exportcert", "-alias", host, "-keystore",
keyStoreFile.getName(), "-storepass", PASSWORD, "-file",
keyStoreFile.getName() + ".cert");
// Create a certificate signing request to send to the root authority
nativeCall("keytool", "-certreq", "-file", this.host + ".csr", "-alias", this.host,
"-keystore", keyStoreFile.getName(), "-storepass", PASSWORD);
// Generate a certificate for the site signed by the root authority
nativeCall("keytool", "-gencert", "-infile", this.host + ".csr", "-outfile", this.host + ".cert",
"-alias", "betamax", "-keystore", "betamax.jks", "-storepass", PASSWORD);
// Bring the signed certificate into the keystore and trust it
nativeCall("keytool", "-importcert", "-file", this.host + ".cert", "-noprompt", "-trustcacerts",
"-alias", this.host, "-keystore", keyStoreFile.getName(), "-storepass", PASSWORD);
}
private void initializeSSLContext() {
View
Binary file not shown.
View
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAvOrsa12qYFegziEaqP4f8GkdImjbAZ3mZDZ985/MD8kFQcPi
F4o5On5A7rS6RMx/P7OfDeKB7qylH6vUnFwJWdaLBXpSJ6UgoFBMb030ETAi3l9f
FIJwCV/Y2VKW/bDMOXt3sxHLuib8CdoDac9lJG1ZVGag9JPNO7Dxc3S6q/ZmtKkG
18bQPYZ4DQCpqCwLV3ZRFDI6VhqIfhT1Yt1QxwZy2TB/sL41vLslGHM2GHCljgud
73AnjU/ltopk6Ci46oenD05bB8zzrcdzYCEy2KTubh+M9/CU+Md4SBdVbsWuyJ4z
JEJwZXeHgkQ+ZhyWVS1xTpMZ71tHkvyzEulLvwIDAQABAoIBAGiRE+ldv/dxqWVO
94XAm4cjd2fbaBWeA69GZjLaKUY3ezxqoxNqg8C3r1MxH8UC+BAXaRtzW33ze7Zr
EtS1MMvUL8EJcr3U7ZkuuRAGsuhsn3A8k9EzXbYiolGwIDktiezrRVcNq5lPCMSf
MrJ3hEFEcWSBJegag0fd6deBLe4OEOX/MLTr6hpNofQFZJFTQLjF/qbuz8ZQsm08
Tbloa1lNpL+pn/24KSHHyjlERufYQENeGyHtu5nBzyVzZcAXBJdArxQ2Ix1eqMCX
ZiyZqGW7NENt3gb90qHT7F7/VO8kASo9icDk5X5ZuivoM85WBONhY65cBGpiNMLN
TPwkGzECgYEA9UYFu9kTt/2NmVmVo3ezHZdahxTpKRZVV5890IXG9AKLdcOsNqUh
TWIus0OkSfa1BhvzEP1wgalDaCVs1PRSDqjpT9N8JM5Ys3w1qVxGc5MiS7Idaafg
wxOZNPMntQu8Dxc7caLJ12KtDAAQxjvf5T/492NvpcBxK709RBjH6xkCgYEAxS33
DMcgdcNqFjjo3wCwd/OQild9eBtfei5ggXL3mgwRmJK+gKzDV5qWEhX4kNMoKzzI
f0hGHEWcmWfa8N9nCyZY+SI5H+uLUBWtqN/bXHQusLehyGG2gbFObaeFggJjv8mP
DAM7/Nq9YW9QNySn89ryIYzMyTLTrEDjyWI+oJcCgYBNWqkiRmMmquvGim9cH7s4
wOxHH/ws/iMqQEmhgx9tA4RyPqUIkum+2xE5bkLZJNqQs63kFNovum9M4EjDnM5o
WzNB/sPvY7ir2qed40FA4A137BPEp7KGM58lCO7j9XB5He2ceCfKKw/Cch7YNjf1
uEhP1Wd30gqfLc6ttFcQuQKBgQDE/jYasvpQDQp45yRoXyTuwgy+2cfFbfuGcr0B
tx197t7JgpoGrhN++zdBHGg4MG2qPNDGsSsyZa2daa/IBDnLXuV3CWTu6gFF4lKc
LAHZLU3USbG9IzoV+lEzpjDxAXgsjK94Peb5qIOZy37liJ6vNye+sw+JV1k4d5/b
e2a8QwKBgFhK6zLdA1RStfQ+8Som5RrBq33DaS3wwrGF8BYmJeB2kg9iSYjTgde2
fB2d72qyjqzpuhs/uV4xKthIPePuLYTsEB/Np53nHC67kwO+Du74IrWlBf+rqzdF
TnePzHVetVLQPi8X+FNH2wKEal1Ar/lPnjYokAoNTwhJxVLOq9IF
-----END RSA PRIVATE KEY-----
View
Binary file not shown.
View
@@ -0,0 +1,25 @@
-----BEGIN CERTIFICATE-----
MIIEHjCCAwagAwIBAgIJANZuHdKikHPVMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNp
c2NvMRAwDgYDVQQKEwdCZXRhbWF4MRkwFwYDVQQDExBiZXRhbWF4LnNvZnR3YXJl
MB4XDTE2MDYwNzE2MTUwMFoXDTIxMDYwNjE2MTUwMFowZzELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xEDAO
BgNVBAoTB0JldGFtYXgxGTAXBgNVBAMTEGJldGFtYXguc29mdHdhcmUwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC86uxrXapgV6DOIRqo/h/waR0iaNsB
neZkNn3zn8wPyQVBw+IXijk6fkDutLpEzH8/s58N4oHurKUfq9ScXAlZ1osFelIn
pSCgUExvTfQRMCLeX18UgnAJX9jZUpb9sMw5e3ezEcu6JvwJ2gNpz2UkbVlUZqD0
k807sPFzdLqr9ma0qQbXxtA9hngNAKmoLAtXdlEUMjpWGoh+FPVi3VDHBnLZMH+w
vjW8uyUYczYYcKWOC53vcCeNT+W2imToKLjqh6cPTlsHzPOtx3NgITLYpO5uH4z3
8JT4x3hIF1Vuxa7InjMkQnBld4eCRD5mHJZVLXFOkxnvW0eS/LMS6Uu/AgMBAAGj
gcwwgckwHQYDVR0OBBYEFE5+LjjeGgksimpZzOWhu7ZiX7eFMIGZBgNVHSMEgZEw
gY6AFE5+LjjeGgksimpZzOWhu7ZiX7eFoWukaTBnMQswCQYDVQQGEwJVUzETMBEG
A1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEQMA4GA1UE
ChMHQmV0YW1heDEZMBcGA1UEAxMQYmV0YW1heC5zb2Z0d2FyZYIJANZuHdKikHPV
MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAK9yL+DxgwlOOmI2FTUZ
DYdPjFhodhDR4EqF0QAkyBJx2NWtuw4kuhgPyly1lPn1vMbgJ/bvu2Qz/6vAhe/o
4tNfW60wGCCvHK21Sxa56/6pzT/EOyx77uZAOVBbHuMLb9mgkjku722uFvTWdhXY
tDHsjgHAJM0ytclSZ6Z2FbGsRxoKMcgTot5v8Fp4TckNqsebUm6WDy9SuRB/zaTw
+q5fjsMHkui5ZXAwXqkO92GDQP3pZWbfVFk8Y31oKg2sG7+PA5oUBel1Gio8Nj5w
kevc1lAhWkouNYdBkDD4Vorm6xEZcmADdSQqOVoOqTDgvFVGekONJUN3s7hX9AdG
1LY=
-----END CERTIFICATE-----

0 comments on commit 0543165

Please sign in to comment.