Zugriff auf LDAP der Bundesnetzagentur
Problem: Ich möchte jede Nacht die neuesten qualifizierten Signaturen der akkreditierten Anbieter der Bundesnetzagentur runterladen und diese in einem Java-Keystore speichern!
Bundesnetzagentur
Lösung:
BouncyCastle downloaden und installieren Download
Einen Job anlegen:
public class KeyStoreUpdateJob extends QuartzJobBean { private static final Logger logger = Logger.getLogger(KeyStoreUpdateJob.class); private KeyStore accreditedKeyStore; @Override protected void executeInternal(JobExecutionContext context) throws JobExecutionException { accreditedKeyStore = KeyStore.getInstance("JKS"); accreditedKeyStore.load(new FileInputStream(new File("path_to_keystore")), "password".toCharArray()); Builder builder = new X509LDAPCertStoreParameters.Builder("ldap://ldap.nrca-ds.de:389","dc=ldap,dc=nrca-ds,dc=de"); CertStore ldapCertStrore = CertStore.getInstance("LDAP", builder.build(),"BC"); X509CertSelector selector = new X509CertSelector(); //First we load all certificates from LDAP try { Iterator iterator = ldapCertStrore.getCertificates(selector).iterator(); while(iterator.hasNext()) { X509Certificate crl = (X509Certificate )iterator.next(); accreditedKeyStore.setCertificateEntry(crl.getSubjectDN().getName(), crl); } //After that we save all in the keystore FileOutputStream fos = null; try { fos = new FileOutputStream(new File("path_to_keystore")); accreditedKeyStore.store(fos, "password".toCharArray()); fos.flush(); fos.close(); logger.info("Keystore was updated with Certificates from LDAP(Netzagentur) and from Folder"); } catch (CertificateException e) { logger.error(e.getMessage()); } finally { IOUtils.closeQuietly(fos); } } catch (CertStoreException e) { logger.error(e.getMessage()); } } }
Den Job in Spring verdrahten: