Package org.globus.gsi.jsse
Class GlobusSSLHelper
java.lang.Object
org.globus.gsi.jsse.GlobusSSLHelper
This is a utility class designed to simplify common tasks required for
configuring the globus ssl support.
- Since:
- 1.0
- Version:
- 1.0
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic KeyStore
buildTrustStore
(String provider, String trustAnchorStoreType, String trustAnchorStoreLocation, String trustAnchorStorePassword) Create a trust store using the supplied details.static KeyStore
findCredentialStore
(String provider, String credentialStoreType, String credentialStoreLocation, String credentialStorePassword) Create a configured CredentialStore using the supplied parameters.static CertStore
findCRLStore
(String crlPattern) Create a store of Certificate Revocation Lists.private static InputStream
-
Constructor Details
-
GlobusSSLHelper
private GlobusSSLHelper()
-
-
Method Details
-
buildTrustStore
public static KeyStore buildTrustStore(String provider, String trustAnchorStoreType, String trustAnchorStoreLocation, String trustAnchorStorePassword) throws GlobusSSLConfigurationException Create a trust store using the supplied details. Java SSL requires the trust store to be supplied as a java.security.KeyStore, so this will create a KeyStore containing all of the Trust Anchors.- Parameters:
provider
- The Java security provider to use.trustAnchorStoreType
- The type of key store to be constructed.trustAnchorStoreLocation
- The location of the trust store filetrustAnchorStorePassword
- The password for the trust store.- Returns:
- A configured Keystore which holds TrustAnchors. Note that this holds trusted certificates, not keys/credentials
- Throws:
GlobusSSLConfigurationException
- If unable to construct the TrustStore.
-
findCredentialStore
public static KeyStore findCredentialStore(String provider, String credentialStoreType, String credentialStoreLocation, String credentialStorePassword) throws GlobusSSLConfigurationException Create a configured CredentialStore using the supplied parameters. The credential store is a java.security.KeyStore.- Parameters:
provider
- The Java security provider to use.credentialStoreType
- The type of key store to be constructed.credentialStoreLocation
- The location of the credential store filecredentialStorePassword
- The password for the credential store.- Returns:
- A configured Keystore which holds credentials defined by these parameters.
- Throws:
GlobusSSLConfigurationException
- If unable to construct the Credential Store.
-
getStream
- Throws:
MalformedURLException
IOException
-
findCRLStore
Create a store of Certificate Revocation Lists. Java requires that this be a java.security.certificates.CertStore. As such, the store can hold both CRL's and non-trusted certs. For the purposes of this method, we assume that only crl's will be loaded. This can only be used with the Globus provided Certificate Store.- Parameters:
crlPattern
- The pattern which defines the locations of the CRL's- Returns:
- A configured Java CertStore containing the specified CRL's
- Throws:
GlobusSSLConfigurationException
- if the store cannot be loaded.
-