diff options
Diffstat (limited to 'athenz-identity-provider-service')
2 files changed, 4 insertions, 3 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java index 2b91735b104..ad7eeb90f1c 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java @@ -45,7 +45,7 @@ public class CertificateSigner { private static final Logger log = Logger.getLogger(CertificateSigner.class.getName()); static final String SIGNER_ALGORITHM = "SHA256withRSA"; - private static final Duration CERTIIFICATE_DURATION = Duration.ofDays(30); + static final Duration CERTIIFICATE_DURATION = Duration.ofDays(30); private static final List<ASN1ObjectIdentifier> ILLEGAL_EXTENSIONS = Arrays.asList( Extension.basicConstraints, Extension.subjectAlternativeName); @@ -108,6 +108,7 @@ public class CertificateSigner { } } + @SuppressWarnings("unchecked") static void assertCertificateExtensions(PKCS10CertificationRequest request) { List<String> illegalExt = Arrays .stream(request.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSignerTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSignerTest.java index 70ddbd74ff3..461d8e004d6 100644 --- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSignerTest.java +++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSignerTest.java @@ -100,8 +100,8 @@ public class CertificateSignerTest { private void assertCertificate(X509Certificate certificate, String expectedSubjectName, Set<String> expectedExtensions) throws Exception { assertEquals(3, certificate.getVersion()); assertEquals(BigInteger.valueOf(startTime), certificate.getSerialNumber()); - assertEquals("Sat Feb 14 00:31:30 CET 2009", certificate.getNotBefore().toString()); - assertEquals("Mon Mar 16 00:31:30 CET 2009", certificate.getNotAfter().toString()); + assertEquals(startTime, certificate.getNotBefore().getTime()); + assertEquals(startTime + CertificateSigner.CERTIIFICATE_DURATION.toMillis(), certificate.getNotAfter().getTime()); assertEquals(CertificateSigner.SIGNER_ALGORITHM, certificate.getSigAlgName()); assertEquals(expectedSubjectName, certificate.getSubjectDN().getName()); assertEquals("CN=" + cfgServerHostname, certificate.getIssuerX500Principal().getName()); |