Package tigase.io
Class SSLContextContainerAbstract
- java.lang.Object
  - tigase.io.SSLContextContainerAbstract
- All Implemented Interfaces: SSLContextContainerIfc, Lifecycle
- Direct Known Subclasses: SSLContextContainer
public abstract class SSLContextContainerAbstract extends java.lang.Object implements SSLContextContainerIfc
Created by andrzej on 29.02.2016.
-
-
Nested Class Summary
- protected class SSLContextContainerAbstract.SSLHolder
-
Field Summary
-
Fields inherited from interface tigase.io.SSLContextContainerIfc
ALLOW_INVALID_CERTS_KEY, ALLOW_INVALID_CERTS_VAL, ALLOW_SELF_SIGNED_CERTS_KEY, ALLOW_SELF_SIGNED_CERTS_VAL, CERT_ALIAS_KEY, CERT_SAVE_TO_DISK_KEY, DEFAULT_DOMAIN_CERT_KEY, DEFAULT_DOMAIN_CERT_VAL, JKS_KEYSTORE_FILE_KEY, JKS_KEYSTORE_FILE_VAL, JKS_KEYSTORE_PWD_KEY, JKS_KEYSTORE_PWD_VAL, PEM_CERTIFICATE_KEY, SERVER_CERTS_LOCATION_KEY, SERVER_CERTS_LOCATION_VAL, SSL_CONTAINER_CLASS_KEY, SSL_CONTAINER_CLASS_VAL, TRUSTED_CERTS_DIR_KEY, TRUSTED_CERTS_DIR_VAL, TRUSTSTORE_FILE_KEY, TRUSTSTORE_FILE_VAL, TRUSTSTORE_PWD_KEY, TRUSTSTORE_PWD_VAL
-
-
Constructor Summary
- SSLContextContainerAbstract(CertificateContainerIfc certContainer)
-
Method Summary
Modifier and Type, Method, Description
- void addCertificates(java.util.Map<java.lang.String,java.lang.String> params)
  Method addCertificates allows adding more certificates at run time after the container has already been initialized.
- protected javax.net.ssl.KeyManager[] createCertificate(java.lang.String alias)
- protected SSLContextContainerAbstract.SSLHolder createContextHolder(java.lang.String protocol, java.lang.String hostname, java.lang.String alias, boolean clientMode, javax.net.ssl.TrustManager[] tms)
  Common method used to create an SSLContext instance based on the provided parameters.
- static <T> T find(java.util.Map<java.lang.String,T> lookupMap, java.lang.String domain)
  Generic method responsible for lookup of a value in a Map where the passed key is a domain name and a wildcard name may be used as a key in the Map.
- protected java.lang.String getDefCertAlias()
- protected javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String hostname)
- javax.net.ssl.SSLContext getSSLContext(java.lang.String protocol, java.lang.String hostname, boolean clientMode)
  Method getSSLContext creates and returns a new SSLContext for a given domain (hostname).
- protected javax.net.ssl.TrustManager[] getTrustManagers()
- java.security.KeyStore getTrustStore()
  Returns a trust store with all trusted certificates.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface tigase.io.SSLContextContainerIfc
createIoInterface, createIoInterface, getEnabledCiphers, getEnabledCiphers, getEnabledProtocols, getEnabledProtocols, getSSLContext
-
-
-
-
Constructor Detail
-
SSLContextContainerAbstract
public SSLContextContainerAbstract(CertificateContainerIfc certContainer)
-
-
Method Detail
-
find
public static <T> T find(java.util.Map<java.lang.String,T> lookupMap, java.lang.String domain)
Generic method responsible for lookup of a value in a Map where the passed key is a domain name and a wildcard name may be used as a key in the Map.
-
addCertificates
public void addCertificates(java.util.Map<java.lang.String,java.lang.String> params) throws java.security.cert.CertificateParsingException
Description copied from interface: SSLContextContainerIfc
Method addCertificates allows adding more certificates at run time after the container has already been initialized. This avoids a server restart when certificates are updated or new certificates are added for a new virtual domain. The method should add new certificates or replace the existing one if there is already a certificate for a domain.
- Specified by: addCertificates in interface SSLContextContainerIfc
- Parameters:
  params - a Map value with configuration parameters.
- Throws: java.security.cert.CertificateParsingException
-
getSSLContext
public javax.net.ssl.SSLContext getSSLContext(java.lang.String protocol, java.lang.String hostname, boolean clientMode)
Description copied from interface: SSLContextContainerIfc
Method getSSLContext creates and returns a new SSLContext for a given domain (hostname). To create the SSLContext, a certificate associated with this domain (hostname) should be used. If there is no specific certificate for the given domain, then the default certificate should be used.
- Specified by: getSSLContext in interface SSLContextContainerIfc
- Parameters:
  protocol - a String, either the 'SSL' or the 'TLS' value.
  hostname - a String value that keeps a hostname or domain for the SSLContext.
  clientMode - if set, the SSLContext will be created for client mode (i.e. creation of a server certificate will be skipped if there is no certificate)
- Returns: an SSLContext value
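The lookup order described for find and getSSLContext (domain-specific entry, then wildcard entry, then default certificate), as an added sketch that is not Tigase source code. The class and method names, the "default" alias value and the matching rules (case-insensitive, wildcard covering exactly one leftmost label) are assumptions, since this page does not specify them.

```java
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

// Added illustration; not Tigase source. Matching rules here are assumptions.
public class WildcardLookupExample {

    // Exact name wins; otherwise replace the leftmost label with "*" (one level only).
    static <T> T lookup(Map<String, T> map, String domain) {
        if (domain == null) {
            return null;
        }
        String name = domain.toLowerCase(Locale.ROOT);
        T exact = map.get(name);
        if (exact != null) {
            return exact;
        }
        int dot = name.indexOf('.');
        // "*.example.com" covers "chat.example.com" but not "a.b.example.com"
        return dot > 0 ? map.get("*" + name.substring(dot)) : null;
    }

    // Fall back to the default alias when no domain-specific entry exists.
    static String aliasFor(Map<String, String> aliases, String hostname, String defAlias) {
        String alias = lookup(aliases, hostname);
        return alias != null ? alias : defAlias;
    }

    public static void main(String[] args) {
        // Constructed sample data: certificate aliases keyed by (wildcard) domain.
        Map<String, String> aliases = new HashMap<>();
        aliases.put("example.com", "example.com");
        aliases.put("*.example.com", "wildcard.example.com");

        // "default" is a hypothetical default alias, not a value taken from this page.
        for (String host : new String[] {"example.com", "Chat.Example.com",
                "a.b.example.com", "example.org"}) {
            System.out.println(host + " -> " + aliasFor(aliases, host, "default"));
        }
    }
}
```

When reviewing a real deployment, check which certificate is served for a multi-label subdomain and for an unknown domain, because both cases depend on how the wildcard and default fallbacks are implemented.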
-
getTrustStore
public java.security.KeyStore getTrustStore()
Description copied from interface: SSLContextContainerIfc
Returns a trust store with all trusted certificates.
- Specified by: getTrustStore in interface SSLContextContainerIfc
- Returns: a KeyStore with all trusted certificates, the KeyStore can be empty but cannot be null.
-
createCertificate
protected javax.net.ssl.KeyManager[] createCertificate(java.lang.String alias) throws java.lang.Exception
- Throws: java.lang.Exception
-
createContextHolder
protected SSLContextContainerAbstract.SSLHolder createContextHolder(java.lang.String protocol, java.lang.String hostname, java.lang.String alias, boolean clientMode, javax.net.ssl.TrustManager[] tms) throws java.lang.Exception
Common method used to create an SSLContext instance based on the provided parameters.
- Throws: java.lang.Exception
-
getDefCertAlias
protected java.lang.String getDefCertAlias()
-
getKeyManagers
protected javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String hostname)
-
getTrustManagers
protected javax.net.ssl.TrustManager[] getTrustManagers()
-
-