Zugriff auf LDAP der Bundesnetzagentur
Problem: Ich möchte jede Nacht die neuesten Zertifikate für qualifizierte Signaturen der akkreditierten Anbieter der Bundesnetzagentur herunterladen und diese in einem Java-Keystore speichern.
Bundesnetzagentur
Lösung:
BouncyCastle herunterladen und installieren (Download). Der Code unten spricht den Provider unter dem Namen „BC“ an.
Einen Job anlegen:
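/**
 * Quartz job that copies every X.509 certificate published in the LDAP directory of the
 * Bundesnetzagentur into a local JKS keystore.
 *
 * <p>Security notes for anyone adopting this listing:
 * <ul>
 *   <li>The directory is queried over plain {@code ldap://} on port 389, so the connection is
 *       neither encrypted nor authenticated. Anyone able to tamper with the connection or with
 *       name resolution can supply arbitrary certificates, and this job stores whatever it
 *       receives as a trusted certificate entry. Verify that each certificate chains to a root
 *       certificate of the Bundesnetzagentur that was obtained out of band before importing it,
 *       or before relying on this keystore as a trust store.</li>
 *   <li>Entries are only added or overwritten, never removed. Revocation has to be checked
 *       separately when a certificate from this keystore is used.</li>
 *   <li>The alias is the subject DN, so a second certificate with the same subject DN replaces
 *       the first one.</li>
 * </ul>
 */
public class KeyStoreUpdateJob extends QuartzJobBean
{
    private static final Logger logger = Logger.getLogger(KeyStoreUpdateJob.class);

    // Placeholder values from the original listing. Supply the real path and password through
    // configuration instead of compiling them in, and restrict write access to the keystore
    // file: whoever can write it decides which certificates are trusted.
    private static final String KEYSTORE_PATH = "path_to_keystore";
    private static final String KEYSTORE_PASSWORD = "password";

    private static final String LDAP_URL = "ldap://ldap.nrca-ds.de:389";
    private static final String LDAP_BASE_DN = "dc=ldap,dc=nrca-ds,dc=de";

    private KeyStore accreditedKeyStore;

    /**
     * Loads the keystore, imports all certificates found in the LDAP directory and writes the
     * keystore back to disk.
     *
     * @param context the Quartz execution context (not used)
     * @throws JobExecutionException if the keystore cannot be read or written, or if the LDAP
     *         lookup fails; the keystore file is left untouched when the import itself fails
     */
    @Override
    protected void executeInternal(JobExecutionContext context)
        throws JobExecutionException
    {
        try
        {
            accreditedKeyStore = loadKeyStore();
            int imported = importLdapCertificates(accreditedKeyStore);
            // The keystore is written only after the whole import succeeded.
            saveKeyStore(accreditedKeyStore);
            logger.info("Keystore was updated with " + imported
                + " certificates from LDAP (Netzagentur)");
        }
        catch (java.security.GeneralSecurityException e)
        {
            throw failure(e);
        }
        catch (java.io.IOException e)
        {
            throw failure(e);
        }
    }

    /** Logs the failure with its stack trace and wraps it so that Quartz sees the job as failed. */
    private JobExecutionException failure(Exception cause)
    {
        logger.error("Keystore update failed", cause);
        return new JobExecutionException("Keystore update failed", cause);
    }

    /** Reads the JKS keystore from {@code KEYSTORE_PATH} and always closes the input stream. */
    private KeyStore loadKeyStore()
        throws java.security.GeneralSecurityException, java.io.IOException
    {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream in = null;
        try
        {
            in = new FileInputStream(new File(KEYSTORE_PATH));
            keyStore.load(in, KEYSTORE_PASSWORD.toCharArray());
        }
        finally
        {
            IOUtils.closeQuietly(in);
        }
        return keyStore;
    }

    /**
     * Fetches every certificate the LDAP cert store returns for an unrestricted selector and
     * stores it under its subject DN.
     *
     * @return the number of certificate entries written into {@code keyStore}
     */
    private int importLdapCertificates(KeyStore keyStore)
        throws java.security.GeneralSecurityException
    {
        // The "BC" provider must already be registered with the JVM, otherwise getInstance
        // fails with NoSuchProviderException.
        CertStore ldapCertStore = CertStore.getInstance("LDAP",
            new X509LDAPCertStoreParameters.Builder(LDAP_URL, LDAP_BASE_DN).build(), "BC");
        X509CertSelector selector = new X509CertSelector();

        int imported = 0;
        for (Object entry : ldapCertStore.getCertificates(selector))
        {
            if (!(entry instanceof X509Certificate))
            {
                continue;
            }
            X509Certificate certificate = (X509Certificate) entry;
            // NOTE(review): nothing here checks the issuer or signature of the certificate;
            // see the class comment before treating these entries as trust anchors.
            keyStore.setCertificateEntry(certificate.getSubjectDN().getName(), certificate);
            imported++;
        }
        return imported;
    }

    /**
     * Writes the keystore back to {@code KEYSTORE_PATH}.
     *
     * <p>NOTE(review): opening the stream truncates the existing file, so a failure during
     * {@code store} leaves a damaged keystore behind. Keep a backup, or write to a temporary
     * file and swap it in.
     */
    private void saveKeyStore(KeyStore keyStore)
        throws java.security.GeneralSecurityException, java.io.IOException
    {
        FileOutputStream out = null;
        try
        {
            out = new FileOutputStream(new File(KEYSTORE_PATH));
            keyStore.store(out, KEYSTORE_PASSWORD.toCharArray());
            // Close explicitly so that a failed flush surfaces as an IOException.
            out.close();
        }
        finally
        {
            IOUtils.closeQuietly(out);
        }
    }
}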
Den Job in Spring verdrahten: