package com.aliyun.iotx.edge.tunnel.core.util;

import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.UUID;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:BOOT-INF/lib/iotx-edge-tunnel-core-1.0.0-SNAPSHOT.jar:com/aliyun/iotx/edge/tunnel/core/util/CertUtils.class */
public class CertUtils {
    private static final String KEY_STORE_TYPE = "PKCS12";
    private static final String ROOT = "root";
    private static final String INTERMEDIATE = "intermediate";
    private static final String KEY_STORE_PASSWORD = UUID.randomUUID().toString();
    private static TrustManagerFactory trustManagerFactory = initTrustManagerFactory();

    private static TrustManagerFactory initTrustManagerFactory() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
            keyStore.load(null, KEY_STORE_PASSWORD.toCharArray());
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            keyStore.setCertificateEntry(ROOT, (X509Certificate) certificateFactory.generateCertificate(CertUtils.class.getClassLoader().getResourceAsStream("iotx.edge.tunnel.cert/root.crt")));
            keyStore.setCertificateEntry(INTERMEDIATE, (X509Certificate) certificateFactory.generateCertificate(CertUtils.class.getClassLoader().getResourceAsStream("iotx.edge.tunnel.cert/intermediate.crt")));
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).init(keyStore, KEY_STORE_PASSWORD.toCharArray());
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory2.init(keyStore);
            return trustManagerFactory2;
        } catch (Exception e) {
            throw new RuntimeException("failed to create ssl handler", e);
        }
    }

    public static TrustManagerFactory getTrustManagerFactory() {
        return trustManagerFactory;
    }
}
