57 super.validateConfiguration(session, realm, model);
59 ConfigurationValidationHelper.check(model)
60 .checkSingle(Attributes.PRIVATE_KEY_PROPERTY,
true)
61 .checkSingle(Attributes.CERTIFICATE_PROPERTY,
false);
65 PrivateKey privateKey = PemUtils.decodePrivateKey(model.get(Attributes.PRIVATE_KEY_KEY));
66 PublicKey publicKey = KeyUtils.extractPublicKey(privateKey);
67 keyPair =
new KeyPair(publicKey, privateKey);
68 }
catch (Throwable t) {
69 throw new ComponentValidationException(
"Failed to decode private key", t);
72 if (model.contains(Attributes.CERTIFICATE_KEY)) {
73 Certificate certificate = null;
75 certificate = PemUtils.decodeCertificate(model.get(Attributes.CERTIFICATE_KEY));
76 }
catch (Throwable t) {
77 throw new ComponentValidationException(
"Failed to decode certificate", t);
80 if (certificate == null) {
81 throw new ComponentValidationException(
"Failed to decode certificate");
84 if (!certificate.getPublicKey().equals(keyPair.getPublic())) {
85 throw new ComponentValidationException(
"Certificate does not match private key");
89 Certificate certificate = CertificateUtils.generateV1SelfSignedCertificate(keyPair, realm.getName());
90 model.put(Attributes.CERTIFICATE_KEY, PemUtils.encodeCertificate(certificate));
91 }
catch (Throwable t) {
92 throw new ComponentValidationException(
"Failed to generate self-signed certificate");