Skip to content

krestfield/certdog-java-client

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

src

src

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

pom.xml

pom.xml

 
 

Repository files navigation

Certdog Java Client

A java client for certdog allowing you to obtain certificates as .cer, PKCS#12/PFX, PEM/PKCS#8 or JKS formats

Certdog can interface to your existing Microsoft CAs, PrimeKey EJBCAs as well as its own internal CAs

More info on certdog: https://krestfield.com/certdog

More info on this client: https://krestfield.github.io/docs/certdog/java_client.html

Usage

Create the client, passing the API URL

CertdogClient client = new CertdogClient("https://certdog.net/certdog/api");

Login with the api username and password

client.login("certdogtest", "password");

To request a certificate from a CSR provide

  1. The name of the cert issuer (as configured in certdog - use clien.getIssuers() to get all available issuers)
  2. The name of the team you wish this certificate to be associated with
  3. The CSR
String certIssuer = "Certdog TLS"
String team = "Test Team"
String csr = "-----BEGIN CERTIFICATE REQUEST-----MIICVDC...IcfbvBX-----END CERTIFICATE REQUEST-----";

X509Certificate cert = client.requestCertFromCsr(certIssuer, team, csr);

Save

CertdogClient.SaveCert(cert, "C:/temp/certdog.cer")

Request a cert from a DN. As well as the cert issuer and team, you also need to provide:

  1. The CSR generator name. This is the generator that will create the CSR for you (use client.getGenerators() to get all available generators)
  2. The requested DN
  3. Any Subject Alternative Names
  4. The password to protect the returned P12, JKS, PEM
String csrGenerator = "RSA2048"    
String dn = "CN=domain.com,O=Some org"

// Add Subject Alternative Names in this format:
// DNS:[dnsname.com],IP:[IP Address],EMAIL:[Email Address]
// pass null for no SANs    
ArrayList<String> sans = new ArrayList<>();
sans.add("DNS:domain.com");
sans.add("DNS:domain2.com");

String p12Password = "password"
   
// Request the cert. Other response formats are: JKS and PEM (PKCS#8)
String p12Data = client.requestCert(certIssuer, csrGenerator, team,
                     dn, p12Password, sans, ResponseFormat.PKCS12);

Save the returned data

CertdogClient.SaveP12(p12Data, "C:/temp/certdog.pfx");

You can now import this into your local certificate store

Revoke a certificate

client.revokeCert(certIssuer, cert, RevocationReason.CesationOfOperation);

To find out what issuers, teams and CSR generators are available

List<String> teamNames = client.getTeams();

List<String> issuers = client.getIssuers();

List<String> generators = client.getGenerators();

Logout

client.logout();

Jump on the UI to view your certs

https://certdog.net/

About

Issue certificates from certdog from your java applications

www.krestfield.com/certdog

Topics

certificate rest-api csr pkcs12 certificate-signing-request pkcs8

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 2

Version 1.9.0 Latest
May 26, 2023
+ 1 release

Packages

No packages published

Languages