diff options
author | Bjørn Christian Seime <bjorncs@oath.com> | 2017-12-04 16:42:10 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2017-12-04 16:42:10 +0100 |
commit | e2addf4c3daa86a26934737f7e29e051d355fd1d (patch) | |
tree | 5f68b7654709c4af0a4c1dbdb0271dd38c259104 /athenz-identity-provider-service/src | |
parent | b31044f987e3cc28d37f3d37460dbdde0462e9b6 (diff) |
Use Extension.basicConstraints instead of cryptic string id
Diffstat (limited to 'athenz-identity-provider-service/src')
-rw-r--r-- | athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslTrustStoreConfigurator.java | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslTrustStoreConfigurator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslTrustStoreConfigurator.java index 6855ffbf386..059c91aecd3 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslTrustStoreConfigurator.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzSslTrustStoreConfigurator.java @@ -7,7 +7,6 @@ import com.yahoo.jdisc.http.ssl.SslTrustStoreConfigurator; import com.yahoo.jdisc.http.ssl.SslTrustStoreContext; import com.yahoo.log.LogLevel; import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig; -import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x509.BasicConstraints; import org.bouncycastle.asn1.x509.Extension; @@ -98,7 +97,7 @@ public class AthenzSslTrustStoreConfigurator implements SslTrustStoreConfigurato new JcaX509v3CertificateBuilder( x500Name, BigInteger.valueOf(now.toEpochMilli()), notBefore, notAfter, x500Name, keyPair.getPublic() ) - .addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, new BasicConstraints(true)) + .addExtension(Extension.basicConstraints, true, new BasicConstraints(true)) .addExtension(Extension.subjectAlternativeName, false, generalNames); return new JcaX509CertificateConverter() |