static X509Certificate[] toX509CertificatesInternal(File file) throws SSLException { try { return toX509Certificates(file); } catch (CertificateException e) { throw new SSLException(e); } }
static X509Certificate[] toX509CertificatesInternal(File file) throws SSLException { try { return toX509Certificates(file); } catch (CertificateException e) { throw new SSLException(e); } }
/** * Trusted certificates for verifying the remote endpoint's certificate. The file should * contain an X.509 certificate collection in PEM format. {@code null} uses the system default. */ public SslContextBuilder trustManager(File trustCertCollectionFile) { try { return trustManager(SslContext.toX509Certificates(trustCertCollectionFile)); } catch (Exception e) { throw new IllegalArgumentException("File does not contain valid certificates: " + trustCertCollectionFile, e); } }
/** * Trusted certificates for verifying the remote endpoint's certificate. The input stream should * contain an X.509 certificate collection in PEM format. {@code null} uses the system default. */ public SslContextBuilder trustManager(InputStream trustCertCollectionInputStream) { try { return trustManager(SslContext.toX509Certificates(trustCertCollectionInputStream)); } catch (Exception e) { throw new IllegalArgumentException("Input stream does not contain valid certificates.", e); } }
/** * Build a {@link TrustManagerFactory} from a certificate chain file. * @param certChainFile The certificate file to build from. * @param trustManagerFactory The existing {@link TrustManagerFactory} that will be used if not {@code null}. * @return A {@link TrustManagerFactory} which contains the certificates in {@code certChainFile} */ @Deprecated protected static TrustManagerFactory buildTrustManagerFactory( File certChainFile, TrustManagerFactory trustManagerFactory) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException { X509Certificate[] x509Certs = toX509Certificates(certChainFile); return buildTrustManagerFactory(x509Certs, trustManagerFactory); }
/** * Create a new initialized {@link OpenSslX509KeyManagerFactory} which loads its {@link PrivateKey} directly from * an {@code OpenSSL engine} via the * <a href="https://www.openssl.org/docs/man1.1.0/crypto/ENGINE_load_private_key.html">ENGINE_load_private_key</a> * function. */ public static OpenSslX509KeyManagerFactory newEngineBased(File certificateChain, String password) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { return newEngineBased(SslContext.toX509Certificates(certificateChain), password); }
/** * Build a {@link TrustManagerFactory} from a certificate chain file. * @param certChainFile The certificate file to build from. * @param trustManagerFactory The existing {@link TrustManagerFactory} that will be used if not {@code null}. * @return A {@link TrustManagerFactory} which contains the certificates in {@code certChainFile} */ @Deprecated protected static TrustManagerFactory buildTrustManagerFactory( File certChainFile, TrustManagerFactory trustManagerFactory) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException { X509Certificate[] x509Certs = toX509Certificates(certChainFile); return buildTrustManagerFactory(x509Certs, trustManagerFactory); }
/** * Trusted certificates for verifying the remote endpoint's certificate. The file should * contain an X.509 certificate collection in PEM format. {@code null} uses the system default. */ public SslContextBuilder trustManager(File trustCertCollectionFile) { try { return trustManager(SslContext.toX509Certificates(trustCertCollectionFile)); } catch (Exception e) { throw new IllegalArgumentException("File does not contain valid certificates: " + trustCertCollectionFile, e); } }
/** * Trusted certificates for verifying the remote endpoint's certificate. The input stream should * contain an X.509 certificate collection in PEM format. {@code null} uses the system default. */ public SslContextBuilder trustManager(InputStream trustCertCollectionInputStream) { try { return trustManager(SslContext.toX509Certificates(trustCertCollectionInputStream)); } catch (Exception e) { throw new IllegalArgumentException("Input stream does not contain valid certificates.", e); } }
/** * Create a new initialized {@link OpenSslX509KeyManagerFactory} which loads its {@link PrivateKey} directly from * an {@code OpenSSL engine} via the * <a href="https://www.openssl.org/docs/man1.1.0/crypto/ENGINE_load_private_key.html">ENGINE_load_private_key</a> * function. */ public static OpenSslX509KeyManagerFactory newEngineBased(File certificateChain, String password) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { return newEngineBased(SslContext.toX509Certificates(certificateChain), password); }
/** * Identifying certificate for this host. {@code keyCertChainFile} and {@code keyFile} may * be {@code null} for client contexts, which disables mutual authentication. * * @param keyCertChainFile an X.509 certificate chain file in PEM format * @param keyFile a PKCS#8 private key file in PEM format * @param keyPassword the password of the {@code keyFile}, or {@code null} if it's not * password-protected */ public SslContextBuilder keyManager(File keyCertChainFile, File keyFile, String keyPassword) { X509Certificate[] keyCertChain; PrivateKey key; try { keyCertChain = SslContext.toX509Certificates(keyCertChainFile); } catch (Exception e) { throw new IllegalArgumentException("File does not contain valid certificates: " + keyCertChainFile, e); } try { key = SslContext.toPrivateKey(keyFile, keyPassword); } catch (Exception e) { throw new IllegalArgumentException("File does not contain valid private key: " + keyFile, e); } return keyManager(key, keyPassword, keyCertChain); }
/** * Identifying certificate for this host. {@code keyCertChainInputStream} and {@code keyInputStream} may * be {@code null} for client contexts, which disables mutual authentication. * * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format * @param keyInputStream an input stream for a PKCS#8 private key in PEM format * @param keyPassword the password of the {@code keyInputStream}, or {@code null} if it's not * password-protected */ public SslContextBuilder keyManager(InputStream keyCertChainInputStream, InputStream keyInputStream, String keyPassword) { X509Certificate[] keyCertChain; PrivateKey key; try { keyCertChain = SslContext.toX509Certificates(keyCertChainInputStream); } catch (Exception e) { throw new IllegalArgumentException("Input stream not contain valid certificates.", e); } try { key = SslContext.toPrivateKey(keyInputStream, keyPassword); } catch (Exception e) { throw new IllegalArgumentException("Input stream does not contain valid private key.", e); } return keyManager(key, keyPassword, keyCertChain); }
long sessionCacheSize, long sessionTimeout) throws SSLException { try { return newServerContextInternal(provider, null, toX509Certificates(trustCertCollectionFile), trustManagerFactory, toX509Certificates(keyCertChainFile), toPrivateKey(keyFile, keyPassword), keyPassword, keyManagerFactory, ciphers, cipherFilter, apn,
try { return newClientContextInternal(provider, null, toX509Certificates(trustCertCollectionFile), trustManagerFactory, toX509Certificates(keyCertChainFile), toPrivateKey(keyFile, keyPassword), keyPassword, keyManagerFactory, ciphers, cipherFilter, apn, null, sessionCacheSize, sessionTimeout, false);
/** * Identifying certificate for this host. {@code keyCertChainFile} and {@code keyFile} may * be {@code null} for client contexts, which disables mutual authentication. * * @param keyCertChainFile an X.509 certificate chain file in PEM format * @param keyFile a PKCS#8 private key file in PEM format * @param keyPassword the password of the {@code keyFile}, or {@code null} if it's not * password-protected */ public SslContextBuilder keyManager(File keyCertChainFile, File keyFile, String keyPassword) { X509Certificate[] keyCertChain; PrivateKey key; try { keyCertChain = SslContext.toX509Certificates(keyCertChainFile); } catch (Exception e) { throw new IllegalArgumentException("File does not contain valid certificates: " + keyCertChainFile, e); } try { key = SslContext.toPrivateKey(keyFile, keyPassword); } catch (Exception e) { throw new IllegalArgumentException("File does not contain valid private key: " + keyFile, e); } return keyManager(key, keyPassword, keyCertChain); }
long sessionCacheSize, long sessionTimeout) throws SSLException { try { return newServerContextInternal(provider, null, toX509Certificates(trustCertCollectionFile), trustManagerFactory, toX509Certificates(keyCertChainFile), toPrivateKey(keyFile, keyPassword), keyPassword, keyManagerFactory, ciphers, cipherFilter, apn,
/** * Identifying certificate for this host. {@code keyCertChainInputStream} and {@code keyInputStream} may * be {@code null} for client contexts, which disables mutual authentication. * * @param keyCertChainInputStream an input stream for an X.509 certificate chain in PEM format * @param keyInputStream an input stream for a PKCS#8 private key in PEM format * @param keyPassword the password of the {@code keyInputStream}, or {@code null} if it's not * password-protected */ public SslContextBuilder keyManager(InputStream keyCertChainInputStream, InputStream keyInputStream, String keyPassword) { X509Certificate[] keyCertChain; PrivateKey key; try { keyCertChain = SslContext.toX509Certificates(keyCertChainInputStream); } catch (Exception e) { throw new IllegalArgumentException("Input stream not contain valid certificates.", e); } try { key = SslContext.toPrivateKey(keyInputStream, keyPassword); } catch (Exception e) { throw new IllegalArgumentException("Input stream does not contain valid private key.", e); } return keyManager(key, keyPassword, keyCertChain); }
try { return newClientContextInternal(provider, null, toX509Certificates(trustCertCollectionFile), trustManagerFactory, toX509Certificates(keyCertChainFile), toPrivateKey(keyFile, keyPassword), keyPassword, keyManagerFactory, ciphers, cipherFilter, apn, null, sessionCacheSize, sessionTimeout, false);
/** * Create a new initialized {@link OpenSslX509KeyManagerFactory} which loads its {@link PrivateKey} directly from * an {@code OpenSSL engine} via the * <a href="https://www.openssl.org/docs/man1.1.0/crypto/ENGINE_load_private_key.html">ENGINE_load_private_key</a> * function. */ public static OpenSslX509KeyManagerFactory newEngineBased(File certificateChain, String password) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { return newEngineBased(SslContext.toX509Certificates(certificateChain), password); }
/** * Trusted certificates for verifying the remote endpoint's certificate. The input stream should * contain an X.509 certificate collection in PEM format. {@code null} uses the system default. */ public SslContextBuilder trustManager(InputStream trustCertCollectionInputStream) { try { return trustManager(SslContext.toX509Certificates(trustCertCollectionInputStream)); } catch (Exception e) { throw new IllegalArgumentException("Input stream does not contain valid certificates.", e); } }