Openfire 3.9.0 Javadoc

org.jivesoftware.openfire.net
Class SSLJiveKeyManagerFactory

java.lang.Object
  extended by org.jivesoftware.openfire.net.SSLJiveKeyManagerFactory

public class SSLJiveKeyManagerFactory
extends Object

A custom KeyManagerFactory that creates a key manager list using the default key manager or a standard keystore as specified in openfire.xml. The default keystore provided with the Jive distribution uses the Sun Java Keystore (JKS) and that takes a single password which must apply to both the keystore and the key itself. Users may specify another keystore type and keystore location. Alternatively, don't set a keystore type to use the JVM defaults and configure your JVMs security files (see your JVM documentation) to plug in any KeyManagerFactory provider.

Author:
Iain Shigeoka

Constructor Summary
SSLJiveKeyManagerFactory()
           
 
Method Summary
static KeyManager[] getKeyManagers(KeyStore keystore, String keypass)
           
static KeyManager[] getKeyManagers(String storeType, String keystore, String keypass)
          Creates a KeyManager list which is null if the storeType is null, or is a standard KeyManager that uses a KeyStore of type storeType, located at 'keystore' location under home, and uses 'keypass' as the password for the keystore password and key password.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SSLJiveKeyManagerFactory

public SSLJiveKeyManagerFactory()
Method Detail

getKeyManagers

public static KeyManager[] getKeyManagers(String storeType,
                                          String keystore,
                                          String keypass)
                                   throws NoSuchAlgorithmException,
                                          KeyStoreException,
                                          IOException,
                                          CertificateException,
                                          UnrecoverableKeyException
Creates a KeyManager list which is null if the storeType is null, or is a standard KeyManager that uses a KeyStore of type storeType, located at 'keystore' location under home, and uses 'keypass' as the password for the keystore password and key password. The default Jive keystore contains a self-signed X509 certificate pair under the alias '127.0.0.1' in a Java KeyStore (JKS) with initial password 'changeit'. This is sufficient for local host testing but should be using standard key management tools for any significant testing or deployment. See the Jive XMPP server security documentation for more information.

Parameters:
storeType - The type of keystore (e.g. "JKS") to use or null to indicate no keystore should be used
keystore - The relative location of the keystore under home
keypass - The password for the keystore and key
Returns:
An array of relevant KeyManagers (may be null indicating a default KeyManager should be created)
Throws:
NoSuchAlgorithmException - If the keystore type doesn't exist (not provided or configured with your JVM)
KeyStoreException - If the keystore is corrupt
IOException - If the keystore could not be located or loaded
CertificateException - If there were no certificates to be loaded or they are invalid
UnrecoverableKeyException - If they keystore coud not be opened (typically the password is bad)

getKeyManagers

public static KeyManager[] getKeyManagers(KeyStore keystore,
                                          String keypass)

Openfire 3.9.0 Javadoc

Copyright © 2003-2008 Jive Software.