public class SSLContextContainer extends Object implements SSLContextContainerIfc
Modifier and Type | Field and Description |
---|---|
protected String | def_cert_alias |
protected Map<String,KeyManagerFactory> | kmfs |
protected X509KeyManager[] | kms |
static String | PER_DOMAIN_CERTIFICATE_KEY |
protected Map<String,tigase.io.SSLContextContainer.SSLContextsHolder> | sslContexts |
ALLOW_INVALID_CERTS_KEY, ALLOW_INVALID_CERTS_VAL, ALLOW_SELF_SIGNED_CERTS_KEY, ALLOW_SELF_SIGNED_CERTS_VAL, CERT_ALIAS_KEY, CERT_SAVE_TO_DISK_KEY, DEFAULT_DOMAIN_CERT_KEY, DEFAULT_DOMAIN_CERT_VAL, JKS_KEYSTORE_FILE_KEY, JKS_KEYSTORE_FILE_VAL, JKS_KEYSTORE_PWD_KEY, JKS_KEYSTORE_PWD_VAL, PEM_CERTIFICATE_KEY, SERVER_CERTS_LOCATION_KEY, SERVER_CERTS_LOCATION_VAL, SSL_CONTAINER_CLASS_KEY, SSL_CONTAINER_CLASS_VAL, TRUSTED_CERTS_DIR_KEY, TRUSTED_CERTS_DIR_VAL, TRUSTSTORE_FILE_KEY, TRUSTSTORE_FILE_VAL, TRUSTSTORE_PWD_KEY, TRUSTSTORE_PWD_VAL
Constructor and Description |
---|
SSLContextContainer() |
Modifier and Type | Method and Description |
---|---|
void | addCertificates(Map<String,String> params) Method addCertificates allows adding more certificates at run time after the container has already been initialized. |
static <T> T | find(Map<String,T> data, String key) |
SSLContext | getSSLContext(String protocol, String hostname, boolean clientMode) Method getSSLContext creates and returns a new SSLContext for a given domain (hostname). |
SSLContext | getSSLContext(String protocol, String hostname, boolean clientMode, TrustManager... tms) |
KeyStore | getTrustStore() Returns a trust store with all trusted certificates. |
void | init(Map<String,Object> params) Method init initializes the container. |
public static final String PER_DOMAIN_CERTIFICATE_KEY
protected String def_cert_alias
protected Map<String,KeyManagerFactory> kmfs
protected X509KeyManager[] kms
public void addCertificates(Map<String,String> params) throws CertificateParsingException
Description copied from interface: SSLContextContainerIfc
Method addCertificates allows adding more certificates at run time after the container has already been initialized. This avoids a server restart when certificates are updated or when new certificates are added for a new virtual domain. The method should add new certificates or replace the existing one if there is already a certificate for a domain.
Specified by: addCertificates in interface SSLContextContainerIfc
Parameters: params - a Map value with configuration parameters.
Throws: CertificateParsingException
public SSLContext getSSLContext(String protocol, String hostname, boolean clientMode)
Description copied from interface: SSLContextContainerIfc
Method getSSLContext creates and returns a new SSLContext for a given domain (hostname). The certificate associated with this domain (hostname) should be used to create the SSLContext. If there is no specific certificate for a given domain, then the default certificate should be used.
Specified by: getSSLContext in interface SSLContextContainerIfc
Parameters:
protocol - a String, either 'SSL' or 'TLS'.
hostname - a String value that keeps a hostname or domain for the SSLContext.
Returns: SSLContext value
public SSLContext getSSLContext(String protocol, String hostname, boolean clientMode, TrustManager... tms)
Specified by: getSSLContext in interface SSLContextContainerIfc
public KeyStore getTrustStore()
Description copied from interface: SSLContextContainerIfc
Specified by: getTrustStore in interface SSLContextContainerIfc
public void init(Map<String,Object> params)
Description copied from interface: SSLContextContainerIfc
Method init initializes the container. If the container has already been initialized, it should clear all the data and re-initialize the container with "fresh" data. If only one certificate is loaded, it is also the default one. Otherwise the certificate from the default.pem file should be used as the default one. The default certificate can also be set through the settings in the Map given as a parameter: DEFAULT_DOMAIN_CERT_KEY points to the domain which holds the default certificate.
Specified by: init in interface SSLContextContainerIfc
Parameters: params - a Map value
Copyright © 2019 "Tigase, Inc.". All rights reserved.