validate(csrModel, server, httpClient, notBefore, notAfter);
KeyPair keyPair = new KeyPair(csrModel.getPublicKey(), csrModel.getPrivateKey());
+ final String iak = server.getAuthentication().getIak();
+ final PkiMessageProtection pkiMessageProtection = new PasswordBasedProtection(iak);
final CreateCertRequest certRequest =
CmpMessageBuilder.of(CreateCertRequest::new)
.with(CreateCertRequest::setIssuerDn, server.getIssuerDN())
.with(CreateCertRequest::setSubjectKeyPair, keyPair)
.with(CreateCertRequest::setNotBefore, notBefore)
.with(CreateCertRequest::setNotAfter, notAfter)
- .with(CreateCertRequest::setInitAuthPassword, server.getAuthentication().getIak())
.with(CreateCertRequest::setSenderKid, server.getAuthentication().getRv())
+ .with(CreateCertRequest::setProtection, pkiMessageProtection)
.build();
final PKIMessage pkiMessage = certRequest.generateCertReq();
}
private void logServerResponse(CertResponse certResponse) {
- LOG.info("Response status code: {}", certResponse.getStatus().getStatus().toString());
+ if (LOG.isInfoEnabled()) {
+ LOG.info("Response status code: {}", certResponse.getStatus().getStatus());
+ }
if (certResponse.getStatus().getStatusString() != null) {
String serverMessage = certResponse.getStatus().getStatusString().getStringAt(0).getString();
LOG.warn("Response status text: {}", serverMessage);
}
- if (certResponse.getStatus().getFailInfo() != null) {
- LOG.warn("Response fail info: {}", certResponse.getStatus().getFailInfo().toString());
+ if (LOG.isWarnEnabled() && certResponse.getStatus().getFailInfo() != null) {
+ LOG.warn("Response fail info: {}", certResponse.getStatus().getFailInfo());
}
}