fix: certificate mismatch with private key

NiccoMlt · Oct 18, 2024 · 69071d2 · 69071d2
1 parent 6135ee2
commit 69071d2
Showing 1 changed file with 5 additions and 6 deletions.
diff --git a/src/main/java/com/diennea/carapace/Main.java b/src/main/java/com/diennea/carapace/Main.java
@@ -130,9 +130,8 @@ public static void main(final String... args) throws Exception {
         saveCertificateToFile(rootCa, "rootCA.crt");
 
         // ... and generate an HTTPS certificate signed by the CA
-        final KeyPair keyPair = generateKeyPair();
-        final X509Certificate httpsCertificate1 = buildHttpsCertificate(keyPair, rootCa, contentSigner);
-        final X509Certificate httpsCertificate2 = buildHttpsCertificate(keyPair, rootCa, contentSigner);
+        final X509Certificate httpsCertificate1 = buildHttpsCertificate(rootCa, contentSigner);
+        final X509Certificate httpsCertificate2 = buildHttpsCertificate(rootCa, contentSigner);
 
         // Save the HTTPS certificate to a file
         saveCertificateToFile(httpsCertificate1, "httpsCertificate1.crt");
@@ -147,7 +146,7 @@ public static void main(final String... args) throws Exception {
 
 //        ocspResponder.onDispose().block();
 
-        final DisposableServer server = setupHttpServer(rootCa, keyPair.getPrivate(), httpsCertificate1, httpsCertificate2);
+        final DisposableServer server = setupHttpServer(rootCa, rootKeyPair.getPrivate(), httpsCertificate1, httpsCertificate2);
 
 //        server.onDispose().block();
 
@@ -228,7 +227,7 @@ private static void saveCertificateToFile(X509Certificate certificate, String fi
         System.out.println("Saved certificate to " + filename);
     }
 
-    private static X509Certificate buildHttpsCertificate(final KeyPair keyPair, final X509Certificate rootCa, final ContentSigner contentSigner) throws CertificateException, IOException {
+    private static X509Certificate buildHttpsCertificate(final X509Certificate rootCa, final ContentSigner contentSigner) throws CertificateException, IOException {
         final var subject = new X500NameBuilder()
                 .addRDN(BCStyle.CN, new DERUTF8String(HOST))
                 .addRDN(BCStyle.OU, new DERUTF8String("Italy"))
@@ -243,7 +242,7 @@ private static X509Certificate buildHttpsCertificate(final KeyPair keyPair, fina
                 rootCa.getNotBefore(),
                 rootCa.getNotAfter(),
                 subject,
-                keyPair.getPublic()
+                rootCa.getPublicKey()
         );
 
         // Add the AIA extension with the OCSP responder URI