public class CertificateManager extends Object
Constructor and Description |
---|
CertificateManager() |
Modifier and Type | Method and Description |
---|---|
static void |
addListener(CertificateEventListener listener)
Registers a listener to receive events.
|
static String |
createSigningRequest(X509Certificate cert,
PrivateKey privKey)
Creates and returns the content of a new singing request for the specified certificate.
|
static X509Certificate |
createX509V3Certificate(KeyPair kp,
int days,
String issuerCommonName,
String subjectCommonName,
String domain,
String signAlgoritm)
Creates an X509 version3 certificate.
|
static X509Certificate |
createX509V3Certificate(KeyPair kp,
int days,
String issuerCommonName,
String subjectCommonName,
String domain,
String signAlgoritm,
Set<String> sanDnsNames) |
static X509Certificate |
createX509V3Certificate(KeyPair kp,
int days,
org.bouncycastle.asn1.x500.X500NameBuilder issuerBuilder,
org.bouncycastle.asn1.x500.X500NameBuilder subjectBuilder,
String domain,
String signAlgoritm)
Creates an X509 version3 certificate.
|
static X509Certificate |
createX509V3Certificate(KeyPair kp,
int days,
org.bouncycastle.asn1.x500.X500NameBuilder issuerBuilder,
org.bouncycastle.asn1.x500.X500NameBuilder subjectBuilder,
String domain,
String signAlgoritm,
Set<String> sanDnsNames) |
static Set<String> |
determineSubjectAlternateNameDnsNameValues()
Finds all values that aught to be added as a Subject Alternate Name of the dnsName type to a certificate that
identifies this XMPP server.
|
static void |
fireCertificateStoreChanged(CertificateStore store)
Notify listeners that a certificate store has been changed.
|
static List<String> |
getClientIdentities(X509Certificate x509Certificate)
Returns the identities of the remote client as defined in the specified certificate.
|
static List<String> |
getServerIdentities(X509Certificate x509Certificate)
Returns the identities of the remote server as defined in the specified certificate.
|
protected static org.bouncycastle.asn1.x509.GeneralNames |
getSubjectAlternativeNames(Set<String> sanDnsNames) |
static boolean |
isSelfSignedCertificate(X509Certificate certificate)
Returns true if the specified certificate is a self-signed certificate.
|
static boolean |
isSigningRequestPending(X509Certificate certificate)
Returns true if the specified certificate is ready to be signed by a Certificate Authority.
|
static List<X509Certificate> |
order(Collection<X509Certificate> certificates)
Deprecated.
Moved to CertificateUtils
|
static Collection<X509Certificate> |
parseCertificates(InputStream pemRepresentation)
Parses a certificate chain from a PEM representation.
|
static Collection<X509Certificate> |
parseCertificates(String pemRepresentation) |
static PrivateKey |
parsePrivateKey(InputStream pemRepresentation,
String passPhrase)
Parses a PrivateKey instance from a PEM representation.
|
static PrivateKey |
parsePrivateKey(String pemRepresentation,
String passPhrase) |
static void |
removeListener(CertificateEventListener listener)
Unregisters a listener to receive events.
|
static String |
toPemRepresentation(Object object)
Generates a PEM representation of the input argument.
|
public static List<String> getClientIdentities(X509Certificate x509Certificate)
x509Certificate
- the certificate the holds the identities of the remote server.public static List<String> getServerIdentities(X509Certificate x509Certificate)
x509Certificate
- the certificate the holds the identities of the remote server.public static boolean isSelfSignedCertificate(X509Certificate certificate)
certificate
- the certificate to checkpublic static boolean isSigningRequestPending(X509Certificate certificate)
certificate
- the certificate to checkpublic static String createSigningRequest(X509Certificate cert, PrivateKey privKey) throws org.bouncycastle.operator.OperatorCreationException, IOException, CertificateParsingException
cert
- the certificate to create a signing request.privKey
- the private key of the certificate.org.bouncycastle.operator.OperatorCreationException
- if there was a problem creating the CSRIOException
- if there was a problem creating the CSRCertificateParsingException
- if there was a problem creating the CSRpublic static String toPemRepresentation(Object object) throws IOException
object
- the input argument (cannot be null).IOException
- When a PEM representation of the input could not be created.public static PrivateKey parsePrivateKey(String pemRepresentation, String passPhrase) throws IOException
IOException
public static PrivateKey parsePrivateKey(InputStream pemRepresentation, String passPhrase) throws IOException
pemRepresentation
- a PEM representation of a private key (cannot be null or empty)passPhrase
- optional pass phrase (must be present if the private key is encrypted).IOException
- if there was a problem parsing the keypublic static Collection<X509Certificate> parseCertificates(String pemRepresentation) throws IOException, CertificateException
IOException
CertificateException
public static Collection<X509Certificate> parseCertificates(InputStream pemRepresentation) throws IOException, CertificateException
pemRepresentation
- a PEM representation of a certificate or certificate chain (cannot be null or empty)IOException
- neverCertificateException
- if there was a problem parsing certificatespublic static void addListener(CertificateEventListener listener)
listener
- the listener.public static void removeListener(CertificateEventListener listener)
listener
- the listener.public static void fireCertificateStoreChanged(CertificateStore store)
store
- the store that has changed@Deprecated public static List<X509Certificate> order(Collection<X509Certificate> certificates) throws CertificateException
certificates
- an unordered collection of certificates (cannot be null).CertificateException
- if there was a problem accessing the certificatespublic static X509Certificate createX509V3Certificate(KeyPair kp, int days, String issuerCommonName, String subjectCommonName, String domain, String signAlgoritm) throws GeneralSecurityException, IOException
kp
- KeyPair that keeps the public and private keys for the new certificate.days
- time to liveissuerCommonName
- Issuer CN stringsubjectCommonName
- Subject CN stringdomain
- Domain of the server.signAlgoritm
- Signature algorithm. This can be either a name or an OID.GeneralSecurityException
- if there was a problem creating the certificateIOException
- if there was a problem creating the certificatepublic static X509Certificate createX509V3Certificate(KeyPair kp, int days, String issuerCommonName, String subjectCommonName, String domain, String signAlgoritm, Set<String> sanDnsNames) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
public static X509Certificate createX509V3Certificate(KeyPair kp, int days, org.bouncycastle.asn1.x500.X500NameBuilder issuerBuilder, org.bouncycastle.asn1.x500.X500NameBuilder subjectBuilder, String domain, String signAlgoritm) throws GeneralSecurityException, IOException
kp
- KeyPair that keeps the public and private keys for the new certificate.days
- time to liveissuerBuilder
- IssuerDN buildersubjectBuilder
- SubjectDN builderdomain
- Domain of the server.signAlgoritm
- Signature algorithm. This can be either a name or an OID.GeneralSecurityException
- if there was a problem creating the certificateIOException
- if there was a problem creating the certificatepublic static X509Certificate createX509V3Certificate(KeyPair kp, int days, org.bouncycastle.asn1.x500.X500NameBuilder issuerBuilder, org.bouncycastle.asn1.x500.X500NameBuilder subjectBuilder, String domain, String signAlgoritm, Set<String> sanDnsNames) throws GeneralSecurityException, IOException
GeneralSecurityException
IOException
protected static org.bouncycastle.asn1.x509.GeneralNames getSubjectAlternativeNames(Set<String> sanDnsNames)
public static Set<String> determineSubjectAlternateNameDnsNameValues()
Copyright © 2003–2019 Ignite Realtime. All rights reserved.