Package tigase.io
Class CertificateContainer
java.lang.Object
    tigase.io.CertificateContainer
All Implemented Interfaces: RepositoryChangeListenerIfc<CertificateItem>, CertificateContainerIfc, Initializable, RegistrarBean, UnregisterAware
@Bean(name="certificate-container", parent=Kernel.class, active=true, exportable=true)
public class CertificateContainer extends java.lang.Object implements CertificateContainerIfc, Initializable, UnregisterAware, RegistrarBean, RepositoryChangeListenerIfc<CertificateItem>
Class used to keep SSL certificates loaded in memory. To get an instance, use the getter from the TLSUtil class.
Created by andrzej on 29.02.2016.
-
Nested Class Summary
static class CertificateContainer.CertificateChange
    Event indicating certificate change that will be distributed in the cluster.
class CertificateContainer.CertificateChanged
-
Field Summary
static java.lang.String PER_DOMAIN_CERTIFICATE_KEY
static java.lang.String SNI_DISABLE_KEY
-
Fields inherited from interface tigase.io.CertificateContainerIfc
CERTIFICATE_CONTAINER_CLASS_KEY, CERTIFICATE_CONTAINER_CLASS_VAL
-
Constructor Summary
CertificateContainer()
-
Method Summary
void addCertificates(java.util.Map<java.lang.String,java.lang.String> params)
    Method addCertificates allows adding more certificates at run time after the container has already been initialized.
void beforeUnregister()
    Method called before bean unregister.
void certificateChange(CertificateContainer.CertificateChange event)
javax.net.ssl.KeyManager[] createCertificate(java.lang.String alias)
    Method createCertificate allows generating a self-signed certificate for the passed domain name.
CertificateEntry getCertificateEntry(java.lang.String hostname)
java.lang.String getDefCertAlias()
    Method to retrieve default alias of certificate to use when domain is null
javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String hostname)
    Method returns array of KeyManager with certificate for domain or null if there is no certificate for domain
javax.net.ssl.TrustManager[] getTrustManagers()
java.security.KeyStore getTrustStore()
void init(java.util.Map<java.lang.String,java.lang.Object> params)
    Method used to pass parameters to initialize instance of class
void initialize()
    Method will be called, when bean will be created, configured and ready to use.
void itemAdded(CertificateItem item)
void itemRemoved(CertificateItem item)
void itemUpdated(CertificateItem item)
void register(Kernel kernel)
    Method called when bean is being registered allowing developer to programmatically register other beans.
void setRepository(CertificateRepository repository)
void unregister(Kernel kernel)
    Method called while bean is being unregistered.
-
Field Detail
-
PER_DOMAIN_CERTIFICATE_KEY
public static final java.lang.String PER_DOMAIN_CERTIFICATE_KEY
See Also: Constant Field Values
-
SNI_DISABLE_KEY
public static final java.lang.String SNI_DISABLE_KEY
See Also: Constant Field Values
-
Method Detail
-
setRepository
public void setRepository(CertificateRepository repository)
-
addCertificates
public void addCertificates(java.util.Map<java.lang.String,java.lang.String> params) throws java.security.cert.CertificateParsingException
Description copied from interface: CertificateContainerIfc
Method addCertificates allows adding more certificates at run time after the container has already been initialized. This avoids a server restart when certificates are updated or new certificates are added for a new virtual domain. The method should add new certificates, or replace the existing one if there is already a certificate for a domain.
Specified by: addCertificates in interface CertificateContainerIfc
Parameters: params - a Map value with configuration parameters.
Throws:
java.security.cert.CertificateParsingException
-
createCertificate
public javax.net.ssl.KeyManager[] createCertificate(java.lang.String alias) throws java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.security.SignatureException, java.security.NoSuchProviderException, java.security.InvalidKeyException, java.io.IOException, java.security.UnrecoverableKeyException, java.security.KeyStoreException
Description copied from interface: CertificateContainerIfc
Method createCertificate allows generating a self-signed certificate for the passed domain name.
Specified by: createCertificate in interface CertificateContainerIfc
Parameters: alias - domain for which certificate should be generated
Returns: an array of KeyManager containing generated certificate
Throws:
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException
java.security.SignatureException
java.security.NoSuchProviderException
java.security.InvalidKeyException
java.io.IOException
java.security.UnrecoverableKeyException
java.security.KeyStoreException
-
getDefCertAlias
public java.lang.String getDefCertAlias()
Description copied from interface: CertificateContainerIfc
Method to retrieve default alias of certificate to use when domain is null
Specified by: getDefCertAlias in interface CertificateContainerIfc
Returns: default alias
-
getCertificateEntry
public CertificateEntry getCertificateEntry(java.lang.String hostname)
Specified by: getCertificateEntry in interface CertificateContainerIfc
-
getKeyManagers
public javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String hostname)
Description copied from interface: CertificateContainerIfc
Method returns array of KeyManager with certificate for domain or null if there is no certificate for domain
Specified by: getKeyManagers in interface CertificateContainerIfc
-
getTrustManagers
public javax.net.ssl.TrustManager[] getTrustManagers()
Specified by: getTrustManagers in interface CertificateContainerIfc
-
getTrustStore
public java.security.KeyStore getTrustStore()
Specified by: getTrustStore in interface CertificateContainerIfc
-
init
public void init(java.util.Map<java.lang.String,java.lang.Object> params)
Description copied from interface: CertificateContainerIfc
Method used to pass parameters to initialize instance of class
Specified by: init in interface CertificateContainerIfc
-
itemAdded
public void itemAdded(CertificateItem item)
Specified by: itemAdded in interface RepositoryChangeListenerIfc<CertificateItem>
-
itemUpdated
public void itemUpdated(CertificateItem item)
Specified by: itemUpdated in interface RepositoryChangeListenerIfc<CertificateItem>
-
itemRemoved
public void itemRemoved(CertificateItem item)
Specified by: itemRemoved in interface RepositoryChangeListenerIfc<CertificateItem>
-
initialize
public void initialize()
Description copied from interface: Initializable
Method will be called, when bean will be created, configured and ready to use.
Specified by: initialize in interface Initializable
-
beforeUnregister
public void beforeUnregister()
Description copied from interface: UnregisterAware
Method called before bean unregister.
Specified by: beforeUnregister in interface UnregisterAware
-
certificateChange
@HandleEvent public void certificateChange(CertificateContainer.CertificateChange event)
-
register
public void register(Kernel kernel)
Description copied from interface: RegistrarBean
Method called when bean is being registered allowing developer to programmatically register other beans.
Specified by: register in interface RegistrarBean
Parameters: kernel - instance from local scope
-
unregister
public void unregister(Kernel kernel)
Description copied from interface: RegistrarBean
Method called while bean is being unregistered.
Specified by: unregister in interface RegistrarBean
Parameters: kernel - instance from local scope
-