Package tigase.io
Class CertificateContainer
java.lang.Object
    tigase.io.CertificateContainer

All Implemented Interfaces:
RepositoryChangeListenerIfc<CertificateItem>, CertificateContainerIfc, Initializable, RegistrarBean, UnregisterAware

@Bean(name="certificate-container", parent=Kernel.class, active=true, exportable=true)
public class CertificateContainer extends java.lang.Object implements CertificateContainerIfc, Initializable, UnregisterAware, RegistrarBean, RepositoryChangeListenerIfc<CertificateItem>
Class used to keep SSL certificates loaded in memory. To get an instance, use the getter from the TLSUtil class.
Created by andrzej on 29.02.2016.
-
Nested Class Summary
Nested Classes
Modifier and Type | Class | Description
static class | CertificateContainer.CertificateChange | Event indicating certificate change that will be distributed in the cluster.
class | CertificateContainer.CertificateChanged |
-
Field Summary
Fields
Modifier and Type | Field | Description
static java.lang.String | PER_DOMAIN_CERTIFICATE_KEY |
static java.lang.String | SNI_DISABLE_KEY |
-
Fields inherited from interface tigase.io.CertificateContainerIfc
CERTIFICATE_CONTAINER_CLASS_KEY, CERTIFICATE_CONTAINER_CLASS_VAL
-
Constructor Summary
Constructors
Constructor | Description
CertificateContainer() |
-
Method Summary
Modifier and Type | Method | Description
void | addCertificates(java.util.Map<java.lang.String,java.lang.String> params) | Method addCertificates allows adding more certificates at run time after the container has already been initialized.
void | beforeUnregister() | Method called before bean unregister.
void | certificateChange(CertificateContainer.CertificateChange event) |
javax.net.ssl.KeyManager[] | createCertificate(java.lang.String alias) | Method createCertificate allows generating a self-signed certificate for the passed domain name.
CertificateEntry | getCertificateEntry(java.lang.String hostname) |
java.lang.String | getDefCertAlias() | Method to retrieve default alias of certificate to use when domain is null
javax.net.ssl.KeyManager[] | getKeyManagers(java.lang.String hostname) | Method returns array of KeyManager with certificate for domain or null if there is no certificate for domain
javax.net.ssl.TrustManager[] | getTrustManagers() |
java.security.KeyStore | getTrustStore() |
void | init(java.util.Map<java.lang.String,java.lang.Object> params) | Method used to pass parameters to initialize instance of class
void | initialize() | Method will be called, when bean will be created, configured and ready to use.
void | itemAdded(CertificateItem item) |
void | itemRemoved(CertificateItem item) |
void | itemUpdated(CertificateItem item) |
void | register(Kernel kernel) | Method called when bean is being registered allowing developer to programmatically register other beans.
void | setRepository(CertificateRepository repository) |
void | unregister(Kernel kernel) | Method called while bean is being unregistered.
-
Field Detail
-
PER_DOMAIN_CERTIFICATE_KEY
public static final java.lang.String PER_DOMAIN_CERTIFICATE_KEY
See Also: Constant Field Values
-
SNI_DISABLE_KEY
public static final java.lang.String SNI_DISABLE_KEY
See Also: Constant Field Values
-
Method Detail
-
setRepository
public void setRepository(CertificateRepository repository)
-
addCertificates
public void addCertificates(java.util.Map<java.lang.String,java.lang.String> params) throws java.security.cert.CertificateParsingException
Description copied from interface: CertificateContainerIfc
Method addCertificates allows adding more certificates at run time after the container has already been initialized. This is to avoid a server restart if there are certificate updates or new certificates for a new virtual domain. The method should add new certificates or replace the existing one if there is already a certificate for a domain.
Specified by: addCertificates in interface CertificateContainerIfc
Parameters: params - a Map value with configuration parameters.
Throws: java.security.cert.CertificateParsingException
-
createCertificate
public javax.net.ssl.KeyManager[] createCertificate(java.lang.String alias) throws java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.security.SignatureException, java.security.NoSuchProviderException, java.security.InvalidKeyException, java.io.IOException, java.security.UnrecoverableKeyException, java.security.KeyStoreException
Description copied from interface: CertificateContainerIfc
Method createCertificate allows generating a self-signed certificate for the passed domain name.
Specified by: createCertificate in interface CertificateContainerIfc
Parameters: alias - domain for which certificate should be generated
Returns: an array of KeyManager containing generated certificate
Throws: java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.security.SignatureException, java.security.NoSuchProviderException, java.security.InvalidKeyException, java.io.IOException, java.security.UnrecoverableKeyException, java.security.KeyStoreException
-
getDefCertAlias
public java.lang.String getDefCertAlias()
Description copied from interface: CertificateContainerIfc
Method to retrieve default alias of certificate to use when domain is null
Specified by: getDefCertAlias in interface CertificateContainerIfc
Returns: default alias
-
getCertificateEntry
public CertificateEntry getCertificateEntry(java.lang.String hostname)
Specified by: getCertificateEntry in interface CertificateContainerIfc
-
getKeyManagers
public javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String hostname)
Description copied from interface: CertificateContainerIfc
Method returns array of KeyManager with certificate for domain or null if there is no certificate for domain
Specified by: getKeyManagers in interface CertificateContainerIfc
-
getTrustManagers
public javax.net.ssl.TrustManager[] getTrustManagers()
Specified by: getTrustManagers in interface CertificateContainerIfc
-
getTrustStore
public java.security.KeyStore getTrustStore()
Specified by: getTrustStore in interface CertificateContainerIfc
-
init
public void init(java.util.Map<java.lang.String,java.lang.Object> params)
Description copied from interface: CertificateContainerIfc
Method used to pass parameters to initialize instance of class
Specified by: init in interface CertificateContainerIfc
-
itemAdded
public void itemAdded(CertificateItem item)
Specified by: itemAdded in interface RepositoryChangeListenerIfc<CertificateItem>
-
itemUpdated
public void itemUpdated(CertificateItem item)
Specified by: itemUpdated in interface RepositoryChangeListenerIfc<CertificateItem>
-
itemRemoved
public void itemRemoved(CertificateItem item)
Specified by: itemRemoved in interface RepositoryChangeListenerIfc<CertificateItem>
-
initialize
public void initialize()
Description copied from interface: Initializable
Method will be called, when bean will be created, configured and ready to use.
Specified by: initialize in interface Initializable
-
beforeUnregister
public void beforeUnregister()
Description copied from interface: UnregisterAware
Method called before bean unregister.
Specified by: beforeUnregister in interface UnregisterAware
-
certificateChange
@HandleEvent public void certificateChange(CertificateContainer.CertificateChange event)
-
register
public void register(Kernel kernel)
Description copied from interface: RegistrarBean
Method called when bean is being registered allowing developer to programmatically register other beans.
Specified by: register in interface RegistrarBean
Parameters: kernel - instance from local scope
-
unregister
public void unregister(Kernel kernel)
Description copied from interface: RegistrarBean
Method called while bean is being unregistered.
Specified by: unregister in interface RegistrarBean
Parameters: kernel - instance from local scope