Package tigase.io

Class SSLContextContainerAbstract

    • Constructor Detail

    • Method Detail

      • find

        public static <T> T find(java.util.Map<java.lang.String,T> lookupMap,
                                 java.lang.String domain)
        Generic method responsible for looking up a value in a Map where the passed key is a domain name and the Map may use a wildcard name as a key.
      • addCertificates

        public void addCertificates(java.util.Map<java.lang.String,java.lang.String> params)
                             throws java.security.cert.CertificateParsingException
        Description copied from interface: SSLContextContainerIfc
        Method addCertificates allows more certificates to be added at run time after the container has already been initialized. This avoids a server restart when certificates are updated or new certificates are added for a new virtual domain. The method should add new certificates or replace the existing one if there is already a certificate for a domain.
        Specified by:
        addCertificates in interface SSLContextContainerIfc
        Parameters:
        params - a Map value with configuration parameters.
        Throws:
        java.security.cert.CertificateParsingException
      • getSSLContext

        public javax.net.ssl.SSLContext getSSLContext(java.lang.String protocol,
                                                      java.lang.String hostname,
                                                      boolean clientMode)
        Description copied from interface: SSLContextContainerIfc
        Method getSSLContext creates and returns a new SSLContext for a given domain (hostname). To create the SSLContext, the certificate associated with this domain (hostname) should be used. If there is no specific certificate for the given domain, the default certificate should be used.
        Specified by:
        getSSLContext in interface SSLContextContainerIfc
        Parameters:
        protocol - a String value, either 'SSL' or 'TLS'.
        hostname - a String value holding the hostname or domain for the SSLContext.
        clientMode - if set, the SSLContext will be created for client mode (i.e. creation of a server certificate will be skipped if there is no certificate)
        Returns:
        an SSLContext value
      • getTrustStore

        public java.security.KeyStore getTrustStore()
        Description copied from interface: SSLContextContainerIfc
        Returns a trust store with all trusted certificates.
        Specified by:
        getTrustStore in interface SSLContextContainerIfc
        Returns:
        a KeyStore with all trusted certificates, the KeyStore can be empty but cannot be null.
      • createCertificate

        protected javax.net.ssl.KeyManager[] createCertificate(java.lang.String alias)
                                                        throws java.lang.Exception
        Throws:
        java.lang.Exception
      • createContextHolder

        protected SSLContextContainerAbstract.SSLHolder createContextHolder(java.lang.String protocol,
                                                                            java.lang.String hostname,
                                                                            java.lang.String alias,
                                                                            boolean clientMode,
                                                                            javax.net.ssl.TrustManager[] tms)
                                                                     throws java.lang.Exception
        Common method used to create an SSLContext instance based on the provided parameters.
        Throws:
        java.lang.Exception
      • getDefCertAlias

        protected java.lang.String getDefCertAlias()
      • getKeyManagers

        protected javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String hostname)
      • getTrustManagers

        protected javax.net.ssl.TrustManager[] getTrustManagers()
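
An added example, not Tigase code: a stand-alone sketch of the kind of wildcard lookup that find describes, combined with the default-certificate fallback described for getSSLContext. The matching rules (exact match first, then a single-label "*." wildcard), the class name and the alias values are assumptions.

```java
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

public class WildcardLookupExample {

    // Hypothetical re-implementation of a find(Map, domain)-style lookup.
    // Assumed semantics: an exact key wins; otherwise only the leftmost label
    // is replaced by "*", which is how wildcard certificates are matched
    // (one label only), so the lookup never selects a certificate that a
    // verifying peer would reject for the requested name.
    static <T> T find(Map<String, T> lookupMap, String domain) {
        if (lookupMap == null || domain == null) {
            return null;
        }
        // Domain names are case-insensitive; keys are assumed to be lower case.
        String name = domain.toLowerCase(Locale.ROOT);
        T exact = lookupMap.get(name);
        if (exact != null) {
            return exact;
        }
        int dot = name.indexOf('.');
        if (dot < 0) {
            return null; // single-label name, no parent domain to try
        }
        return lookupMap.get("*" + name.substring(dot));
    }

    public static void main(String[] args) {
        // Constructed sample data: domain (or wildcard) -> certificate alias.
        Map<String, String> aliases = new HashMap<>();
        aliases.put("example.com", "cert-example");
        aliases.put("*.example.com", "cert-wildcard");
        String defaultAlias = "cert-default"; // assumed default alias

        String[] hosts = {"example.com", "MUC.example.com",
                          "a.b.example.com", "other.org"};
        for (String host : hosts) {
            String alias = find(aliases, host);
            // Fall back to the default certificate when nothing matches.
            System.out.println(host + " -> "
                    + (alias != null ? alias : defaultAlias));
        }
    }
}
```

The two-label name a.b.example.com and the unrelated other.org both fall through to the default alias, so a deployment that relies on the fallback should check that the default certificate is one it is willing to present for unknown domains.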