Package tigase.io
Class SSLContextContainerAbstract
java.lang.Object
tigase.io.SSLContextContainerAbstract
All Implemented Interfaces:
SSLContextContainerIfc, Lifecycle
Direct Known Subclasses:
SSLContextContainer
Created by andrzej on 29.02.2016.
-
Nested Class Summary
Nested Classes -
Field Summary
Fields inherited from interface tigase.io.SSLContextContainerIfc
ALLOW_INVALID_CERTS_KEY, ALLOW_INVALID_CERTS_VAL, ALLOW_SELF_SIGNED_CERTS_KEY, ALLOW_SELF_SIGNED_CERTS_VAL, CERT_ALIAS_KEY, CERT_SAVE_TO_DISK_KEY, DEFAULT_DOMAIN_CERT_KEY, DEFAULT_DOMAIN_CERT_VAL, JKS_KEYSTORE_FILE_KEY, JKS_KEYSTORE_FILE_VAL, JKS_KEYSTORE_PWD_KEY, JKS_KEYSTORE_PWD_VAL, PEM_CERTIFICATE_KEY, SERVER_CERTS_LOCATION_KEY, SERVER_CERTS_LOCATION_VAL, SSL_CONTAINER_CLASS_KEY, SSL_CONTAINER_CLASS_VAL, TRUSTED_CERTS_DIR_KEY, TRUSTED_CERTS_DIR_VAL, TRUSTSTORE_FILE_KEY, TRUSTSTORE_FILE_VAL, TRUSTSTORE_PWD_KEY, TRUSTSTORE_PWD_VAL
-
Constructor Summary
Constructors -
Method Summary
Modifier and Type, Method, Description

void addCertificates(Map<String, String> params)
    Method addCertificates allows adding more certificates at run time after the container has already been initialized.
protected KeyManager[] createCertificate(String alias)
protected SSLContextContainerAbstract.SSLHolder createContextHolder(String protocol, String hostname, String alias, boolean clientMode, TrustManager[] tms)
    Common method used to create an SSLContext instance based on the provided parameters.
protected SSLContext createSSLContext(String protocol)
static <T> T find
    Generic method responsible for lookup of a value in a Map where the passed key is a domain name and a wildcard name may be used as a key in the Map.
protected String getDefCertAlias
protected KeyManager[] getKeyManagers(String hostname)
getSSLContext(String protocol, String hostname, boolean clientMode)
    Method getSSLContext creates and returns a new SSLContext for a given domain (hostname).
protected TrustManager[] getTrustManagers
getTrustStore
    Returns a trust store with all trusted certificates.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface tigase.io.SSLContextContainerIfc
createIoInterface, createIoInterface, getEnabledCiphers, getEnabledCiphers, getEnabledProtocols, getEnabledProtocols, getSSLContext
-
Constructor Details
-
SSLContextContainerAbstract
-
-
Method Details
-
find
Generic method responsible for lookup of a value in a Map where the passed key is a domain name and a wildcard name may be used as a key in the Map.
-
addCertificates
Description copied from interface: SSLContextContainerIfc
Method addCertificates allows adding more certificates at run time after the container has already been initialized. This avoids a server restart when certificates are updated or new certificates are added for a new virtual domain. The method should add new certificates or replace the existing one if there is already a certificate for a domain.
Specified by:
addCertificates in interface SSLContextContainerIfc
Parameters:
params - a Map value with configuration parameters.
Throws:
CertificateParsingException
-
getSSLContext
Description copied from interface: SSLContextContainerIfc
Method getSSLContext creates and returns a new SSLContext for a given domain (hostname). To create the SSLContext, the certificate associated with this domain (hostname) should be used. If there is no specific certificate for the given domain, the default certificate should be used.
Specified by:
getSSLContext in interface SSLContextContainerIfc
Parameters:
protocol - a String, either 'SSL' or 'TLS'.
hostname - a String value that holds the hostname or domain for the SSLContext.
clientMode - if set, the SSLContext will be created for client mode (i.e. creation of a server certificate will be skipped if there is no certificate)
Returns:
a SSLContext value
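The wildcard lookup described for find and the default-certificate fallback described for getSSLContext can be illustrated as follows. This is an added example, not Tigase source code: the class DomainCertLookup, the helper findOrDefault, the "default" key and the sample aliases are hypothetical, and it assumes a wildcard key covers exactly one leftmost label, which this page does not state.

```java
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

// Added illustration; not Tigase source. Class and method names are hypothetical.
public class DomainCertLookup {

    // Exact match first, then "*.<parent>" for the name with its leftmost label removed.
    // Assumption: a wildcard covers exactly one label, as in TLS hostname matching (RFC 6125).
    static <T> T find(Map<String, T> entries, String domain) {
        if (domain == null) {
            return null;
        }
        String name = domain.toLowerCase(Locale.ROOT);
        T exact = entries.get(name);
        if (exact != null) {
            return exact;
        }
        int dot = name.indexOf('.');
        // Require a non-empty first label and a non-empty parent domain.
        if (dot <= 0 || dot == name.length() - 1) {
            return null;
        }
        return entries.get("*" + name.substring(dot));
    }

    // Fallback described for getSSLContext: use the default entry when the domain has none.
    static <T> T findOrDefault(Map<String, T> entries, String domain, String defaultKey) {
        T value = find(entries, domain);
        return value != null ? value : entries.get(defaultKey);
    }

    public static void main(String[] args) {
        // Constructed sample data: keys are domains, values stand in for key store aliases.
        Map<String, String> aliases = new HashMap<>();
        aliases.put("default", "alias-default");
        aliases.put("example.com", "alias-apex");
        aliases.put("*.example.com", "alias-wildcard");

        // Exact, single-label wildcard, multi-label (no wildcard match), unknown domain.
        String[] hosts = {"example.com", "muc.example.com", "a.b.example.com", "other.org"};
        for (String host : hosts) {
            System.out.println(host + " -> " + findOrDefault(aliases, host, "default"));
        }
    }
}
```

The multi-label and unknown hosts resolve to the default entry, so a peer connecting to such a name is offered a certificate that does not cover it and will fail hostname verification on a correctly configured client.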
-
getTrustStore
Description copied from interface: SSLContextContainerIfc
Returns a trust store with all trusted certificates.
Specified by:
getTrustStore in interface SSLContextContainerIfc
Returns:
a KeyStore with all trusted certificates, the KeyStore can be empty but cannot be null.
-
createCertificate
Throws:
Exception
-
createSSLContext
protected SSLContext createSSLContext(String protocol) throws NoSuchAlgorithmException, NoSuchProviderException
-
createContextHolder
protected SSLContextContainerAbstract.SSLHolder createContextHolder(String protocol, String hostname, String alias, boolean clientMode, TrustManager[] tms) throws Exception
Common method used to create an SSLContext instance based on the provided parameters.
Throws:
Exception
-
getDefCertAlias
-
getKeyManagers
-
getTrustManagers
-