Package org.globus.gsi.jsse
Class GlobusSSLHelper
- java.lang.Object
-
- org.globus.gsi.jsse.GlobusSSLHelper
-
public final class GlobusSSLHelper extends java.lang.Object
This is a utility class designed to simplify common tasks required for configuring the globus ssl support.- Since:
- 1.0
- Version:
- 1.0
-
-
Constructor Summary
Constructors Modifier Constructor Description private
GlobusSSLHelper()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static java.security.KeyStore
buildTrustStore(java.lang.String provider, java.lang.String trustAnchorStoreType, java.lang.String trustAnchorStoreLocation, java.lang.String trustAnchorStorePassword)
Create a trust store using the supplied details.static java.security.KeyStore
findCredentialStore(java.lang.String provider, java.lang.String credentialStoreType, java.lang.String credentialStoreLocation, java.lang.String credentialStorePassword)
Create a configured CredentialStore using the supplied parameters.static java.security.cert.CertStore
findCRLStore(java.lang.String crlPattern)
Create a store of Certificate Revocation Lists.private static java.io.InputStream
getStream(java.lang.String url)
-
-
-
Method Detail
-
buildTrustStore
public static java.security.KeyStore buildTrustStore(java.lang.String provider, java.lang.String trustAnchorStoreType, java.lang.String trustAnchorStoreLocation, java.lang.String trustAnchorStorePassword) throws GlobusSSLConfigurationException
Create a trust store using the supplied details. Java SSL requires the trust store to be supplied as a java.security.KeyStore, so this will create a KeyStore containing all of the Trust Anchors.- Parameters:
provider
- The Java security provider to use.trustAnchorStoreType
- The type of key store to be constructed.trustAnchorStoreLocation
- The location of the trust store filetrustAnchorStorePassword
- The password for the trust store.- Returns:
- A configured Keystore which holds TrustAnchors. Note that this holds trusted certificates, not keys/credentials
- Throws:
GlobusSSLConfigurationException
- If unable to construct the TrustStore.
-
findCredentialStore
public static java.security.KeyStore findCredentialStore(java.lang.String provider, java.lang.String credentialStoreType, java.lang.String credentialStoreLocation, java.lang.String credentialStorePassword) throws GlobusSSLConfigurationException
Create a configured CredentialStore using the supplied parameters. The credential store is a java.security.KeyStore.- Parameters:
provider
- The Java security provider to use.credentialStoreType
- The type of key store to be constructed.credentialStoreLocation
- The location of the credential store filecredentialStorePassword
- The password for the credential store.- Returns:
- A configured Keystore which holds credentials defined by these parameters.
- Throws:
GlobusSSLConfigurationException
- If unable to construct the Credential Store.
-
getStream
private static java.io.InputStream getStream(java.lang.String url) throws java.net.MalformedURLException, java.io.IOException
- Throws:
java.net.MalformedURLException
java.io.IOException
-
findCRLStore
public static java.security.cert.CertStore findCRLStore(java.lang.String crlPattern) throws GlobusSSLConfigurationException
Create a store of Certificate Revocation Lists. Java requires that this be a java.security.certificates.CertStore. As such, the store can hold both CRL's and non-trusted certs. For the purposes of this method, we assume that only crl's will be loaded. This can only be used with the Globus provided Certificate Store.- Parameters:
crlPattern
- The pattern which defines the locations of the CRL's- Returns:
- A configured Java CertStore containing the specified CRL's
- Throws:
GlobusSSLConfigurationException
- if the store cannot be loaded.
-
-