Package tigase.io
Class CertificateContainer
java.lang.Object
tigase.io.CertificateContainer
- All Implemented Interfaces:
RepositoryChangeListenerIfc<CertificateItem>
,CertificateContainerIfc
,Initializable
,RegistrarBean
,UnregisterAware
@Bean(name="certificate-container",
parent=Kernel.class,
active=true,
exportable=true)
public class CertificateContainer
extends Object
implements CertificateContainerIfc, Initializable, UnregisterAware, RegistrarBean, RepositoryChangeListenerIfc<CertificateItem>
Class used to keep SSL certificates loaded in memory. To get instance use getter from TLSUtil class.
Created by andrzej on 29.02.2016.
Created by andrzej on 29.02.2016.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
Event indicating certificate change that will be distributed in the cluster.class
-
Field Summary
FieldsFields inherited from interface tigase.io.CertificateContainerIfc
CERTIFICATE_CONTAINER_CLASS_KEY, CERTIFICATE_CONTAINER_CLASS_VAL
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
addCertificates
(Map<String, String> params) MethodaddCertificates
allows to add more certificates at run time after the container has bee already initialized.void
Method called before bean unregister.void
createCertificate
(String alias) MethodcreateCertificate
allows to generate self-signed certificate for passed domain name.sgetCertificateEntry
(String hostname) Method to retrieve default alias of certificate to use when domain isnull
getKeyManagers
(String hostname) Method returns array ofKeyManager
with certificate for domain ornull
if there is no certificate for domainvoid
Method used to pass parameters to initialize instance of classvoid
Method will be called, when bean will be created, configured and ready to use.void
itemAdded
(CertificateItem item) void
itemRemoved
(CertificateItem item) void
itemUpdated
(CertificateItem item) void
Method called when bean is being registered allowing developer to programatically register other beans.void
setRepository
(CertificateRepository repository) void
unregister
(Kernel kernel) Method called while bean is being unregistered.
-
Field Details
-
PER_DOMAIN_CERTIFICATE_KEY
- See Also:
-
SNI_DISABLE_KEY
- See Also:
-
-
Constructor Details
-
CertificateContainer
public CertificateContainer()
-
-
Method Details
-
setRepository
-
addCertificates
Description copied from interface:CertificateContainerIfc
MethodaddCertificates
allows to add more certificates at run time after the container has bee already initialized. This is to avoid server restart if there are certificates updates or new certificates for new virtual domain. The method should add new certificates or replace existing one if there is already a certificate for a domain.- Specified by:
addCertificates
in interfaceCertificateContainerIfc
- Parameters:
params
- aMap
value with configuration parameters.- Throws:
CertificateParsingException
-
createCertificate
public KeyManager[] createCertificate(String alias) throws NoSuchAlgorithmException, CertificateException, SignatureException, NoSuchProviderException, InvalidKeyException, IOException, UnrecoverableKeyException, KeyStoreException Description copied from interface:CertificateContainerIfc
MethodcreateCertificate
allows to generate self-signed certificate for passed domain name.s- Specified by:
createCertificate
in interfaceCertificateContainerIfc
- Parameters:
alias
- domain for which certificate should be generated- Returns:
- an array of
KeyManager
containing generated certificate - Throws:
NoSuchAlgorithmException
CertificateException
SignatureException
NoSuchProviderException
InvalidKeyException
IOException
UnrecoverableKeyException
KeyStoreException
-
getDefCertAlias
Description copied from interface:CertificateContainerIfc
Method to retrieve default alias of certificate to use when domain isnull
- Specified by:
getDefCertAlias
in interfaceCertificateContainerIfc
- Returns:
- default alias
-
getCertificateEntry
- Specified by:
getCertificateEntry
in interfaceCertificateContainerIfc
-
getKeyManagers
Description copied from interface:CertificateContainerIfc
Method returns array ofKeyManager
with certificate for domain ornull
if there is no certificate for domain- Specified by:
getKeyManagers
in interfaceCertificateContainerIfc
-
getTrustManagers
- Specified by:
getTrustManagers
in interfaceCertificateContainerIfc
-
getTrustStore
- Specified by:
getTrustStore
in interfaceCertificateContainerIfc
-
init
Description copied from interface:CertificateContainerIfc
Method used to pass parameters to initialize instance of class- Specified by:
init
in interfaceCertificateContainerIfc
-
itemAdded
- Specified by:
itemAdded
in interfaceRepositoryChangeListenerIfc<CertificateItem>
-
itemUpdated
- Specified by:
itemUpdated
in interfaceRepositoryChangeListenerIfc<CertificateItem>
-
itemRemoved
- Specified by:
itemRemoved
in interfaceRepositoryChangeListenerIfc<CertificateItem>
-
initialize
public void initialize()Description copied from interface:Initializable
Method will be called, when bean will be created, configured and ready to use.- Specified by:
initialize
in interfaceInitializable
-
beforeUnregister
public void beforeUnregister()Description copied from interface:UnregisterAware
Method called before bean unregister.- Specified by:
beforeUnregister
in interfaceUnregisterAware
-
certificateChange
-
register
Description copied from interface:RegistrarBean
Method called when bean is being registered allowing developer to programatically register other beans.- Specified by:
register
in interfaceRegistrarBean
- Parameters:
kernel
- - instance from local scope
-
unregister
Description copied from interface:RegistrarBean
Method called while bean is being unregistered.- Specified by:
unregister
in interfaceRegistrarBean
- Parameters:
kernel
- - instance from local scope
-