String csrId = request.getParameter("csrId");
try {
if(type != null && type.equals("ca")){
// Request is to download CA's certificate
// Retrieve CA's certificate from the CertificateStore
CertificateStore certStore = CAHelperUtils.getCertificateStore();
Certificate cert = certStore.getCACertificate();
byte[] data = cert.getEncoded();
// Upload the certificate with mime-header for CA certificates
response.setContentType("application/x-x509-ca-cert");
response.setContentLength(data.length);
response.getOutputStream().write(data);
} else if(csrId != null){
// Request is to download user's own certificate
// Get the serial number of the certificate based on the csrId
CertificateRequestStore certReqStore = CAHelperUtils.getCertificateRequestStore();
BigInteger sNo = certReqStore.getSerialNumberForRequest(csrId);
if(sNo == null) {
// Either the CSR is yet to be fulfilled or the csrId is invalid.
throw new Exception("Either the CSR is yet to be fulfilled or the csrId is invalid. csrId = "+csrId);
}
CertificateStore certStore = CAHelperUtils.getCertificateStore();
Certificate cert = certStore.getCertificate(sNo);
byte[] data = cert.getEncoded();
// Create a link for "verify certificate" page.
String host = request.getServerName();
int port = CAHelperUtils.getHttpsClientAuthPort();