tigase.io
Interface SSLContextContainerIfc

All Known Implementing Classes:
SSLContextContainer

public interface SSLContextContainerIfc

Describe interface SSLContextContainerIfc here. Created: Tue Nov 20 11:43:32 2007

Version:
$Rev: 799 $
Author:
Artur Hefczyc

Field Summary
static String ALLOW_INVALID_CERTS_KEY
          Constant ALLOW_INVALID_CERTS_KEY is a key pointing to a configuration parameter specifying if invalid certificates are acceptable by the server.
static String ALLOW_INVALID_CERTS_VAL
          Constant ALLOW_INVALID_CERTS_VAL is a default configuration parameter specifying if invalid certificates are acceptable by the server.
static String ALLOW_SELF_SIGNED_CERTS_KEY
          Constant ALLOW_SELF_SIGNED_CERTS_KEY is a key pointing to a configuration parameter specifying if self-signed certificates are acceptable for the server.
static String ALLOW_SELF_SIGNED_CERTS_VAL
          Constant ALLOW_SELF_SIGNED_CERTS_VAL is a default configuration value specifying if self-signed certificates are allowed by the server.
static String DEFAULT_DOMAIN_CERT_KEY
          Constant DEFAULT_DOMAIN_CERT_KEY is a key pointing to the domain with default certificate.
static String DEFAULT_DOMAIN_CERT_VAL
          Constant DEFAULT_DOMAIN_CERT_VAL keeps default value for a domain with default certificate.
static String JKS_KEYSTORE_FILE_KEY
          Constant JKS_KEYSTORE_FILE_KEY is a key pointing to a JKS keystore file.
static String JKS_KEYSTORE_FILE_VAL
          Constant JKS_KEYSTORE_FILE_VAL keeps default value for a JKS keystore file.
static String JKS_KEYSTORE_PWD_KEY
          Constant JKS_KEYSTORE_PWD_KEY is a key pointing to a private key password.
static String JKS_KEYSTORE_PWD_VAL
          Constant JKS_KEYSTORE_PWD_VAL is a default private key password.
static String SERVER_CERTS_DIR_KEY
          Constant SERVER_CERTS_DIR_KEY is a key pointing to a configuration parameter with directory name where all server certificates are stored.
static String SERVER_CERTS_DIR_VAL
          Constant SERVER_CERTS_DIR_VAL is a default directory name where all certificate files are stored.
static String SSL_CONTAINER_CLASS_KEY
          Constant SSL_CONTAINER_CLASS_KEY is a key pointing to a container implementation class.
static String SSL_CONTAINER_CLASS_VAL
          Constant SSL_CONTAINER_CLASS_VAL keeps default container implementation class loaded if none is specified in configuration file.
static String TRUSTED_CERTS_DIR_KEY
          Constant TRUSTED_CERTS_DIR_KEY is a key pointing to a configuration parameter where all trusted certificates are stored.
static String TRUSTED_CERTS_DIR_VAL
          Constant TRUSTED_CERTS_DIR_VAL is a default directory name where all trusted certificates are stored.
static String TRUSTSTORE_FILE_KEY
          Constant TRUSTSTORE_FILE_KEY is a key pointing to a trust store file.
static String TRUSTSTORE_FILE_VAL
          Constant TRUSTSTORE_FILE_VAL is a default truststore file.
static String TRUSTSTORE_PWD_KEY
          Constant TRUSTSTORE_PWD_KEY is a key pointing to a truststore file password.
static String TRUSTSTORE_PWD_VAL
          Constant TRUSTSTORE_PWD_VAL is a default password for truststore file.
 
Method Summary
 void addCertificates(Map<String,String> params)
          Method addCertificates allows adding more certificates at run time after the container has already been initialized.
 SSLContext getSSLContext(String protocol, String hostname)
          Method getSSLContext creates and returns a new SSLContext for a given domain (hostname).
 void init(Map<String,String> params)
          Method init initializes the container.
 

Field Detail

SSL_CONTAINER_CLASS_KEY

static final String SSL_CONTAINER_CLASS_KEY
Constant SSL_CONTAINER_CLASS_KEY is a key pointing to a container implementation class. The class is loaded at startup time and initialized using configuration parameters. Some container implementations may accept a different set of parameters. Please refer to the implementation for more details.

See Also:
Constant Field Values

SSL_CONTAINER_CLASS_VAL

static final String SSL_CONTAINER_CLASS_VAL
Constant SSL_CONTAINER_CLASS_VAL keeps default container implementation class loaded if none is specified in configuration file.

See Also:
Constant Field Values

DEFAULT_DOMAIN_CERT_KEY

static final String DEFAULT_DOMAIN_CERT_KEY
Constant DEFAULT_DOMAIN_CERT_KEY is a key pointing to the domain with default certificate.

See Also:
Constant Field Values

DEFAULT_DOMAIN_CERT_VAL

static final String DEFAULT_DOMAIN_CERT_VAL
Constant DEFAULT_DOMAIN_CERT_VAL keeps default value for a domain with default certificate.

See Also:
Constant Field Values

JKS_KEYSTORE_FILE_KEY

static final String JKS_KEYSTORE_FILE_KEY
Constant JKS_KEYSTORE_FILE_KEY is a key pointing to a JKS keystore file.

See Also:
Constant Field Values

JKS_KEYSTORE_FILE_VAL

static final String JKS_KEYSTORE_FILE_VAL
Constant JKS_KEYSTORE_FILE_VAL keeps default value for a JKS keystore file.


JKS_KEYSTORE_PWD_KEY

static final String JKS_KEYSTORE_PWD_KEY
Constant JKS_KEYSTORE_PWD_KEY is a key pointing to a private key password.

See Also:
Constant Field Values

JKS_KEYSTORE_PWD_VAL

static final String JKS_KEYSTORE_PWD_VAL
Constant JKS_KEYSTORE_PWD_VAL is a default private key password.

See Also:
Constant Field Values

TRUSTSTORE_FILE_KEY

static final String TRUSTSTORE_FILE_KEY
Constant TRUSTSTORE_FILE_KEY is a key pointing to a trust store file.

See Also:
Constant Field Values

TRUSTSTORE_FILE_VAL

static final String TRUSTSTORE_FILE_VAL
Constant TRUSTSTORE_FILE_VAL is a default truststore file.


TRUSTSTORE_PWD_KEY

static final String TRUSTSTORE_PWD_KEY
Constant TRUSTSTORE_PWD_KEY is a key pointing to a truststore file password.

See Also:
Constant Field Values

TRUSTSTORE_PWD_VAL

static final String TRUSTSTORE_PWD_VAL
Constant TRUSTSTORE_PWD_VAL is a default password for truststore file.

See Also:
Constant Field Values

SERVER_CERTS_DIR_KEY

static final String SERVER_CERTS_DIR_KEY
Constant SERVER_CERTS_DIR_KEY is a key pointing to a configuration parameter with the directory name where all server certificates are stored. Certificates are stored in *.pem files where the first part of the file name is a domain name, e.g. yourdomain.com.pem. There is one exception though: the file named default.pem stores the certificate used as the server's default when a certificate for a specific domain is missing.

See Also:
Constant Field Values

SERVER_CERTS_DIR_VAL

static final String SERVER_CERTS_DIR_VAL
Constant SERVER_CERTS_DIR_VAL is a default directory name where all certificate files are stored.

See Also:
Constant Field Values

TRUSTED_CERTS_DIR_KEY

static final String TRUSTED_CERTS_DIR_KEY
Constant TRUSTED_CERTS_DIR_KEY is a key pointing to a configuration parameter where all trusted certificates are stored.

See Also:
Constant Field Values

TRUSTED_CERTS_DIR_VAL

static final String TRUSTED_CERTS_DIR_VAL
Constant TRUSTED_CERTS_DIR_VAL is a default directory name where all trusted certificates are stored.

See Also:
Constant Field Values

ALLOW_SELF_SIGNED_CERTS_KEY

static final String ALLOW_SELF_SIGNED_CERTS_KEY
Constant ALLOW_SELF_SIGNED_CERTS_KEY is a key pointing to a configuration parameter specifying if self-signed certificates are acceptable for the server.

See Also:
Constant Field Values

ALLOW_SELF_SIGNED_CERTS_VAL

static final String ALLOW_SELF_SIGNED_CERTS_VAL
Constant ALLOW_SELF_SIGNED_CERTS_VAL is a default configuration value specifying if self-signed certificates are allowed by the server.

See Also:
Constant Field Values

ALLOW_INVALID_CERTS_KEY

static final String ALLOW_INVALID_CERTS_KEY
Constant ALLOW_INVALID_CERTS_KEY is a key pointing to a configuration parameter specifying if invalid certificates are acceptable by the server. Invalid certificates are expired ones or certificates issued for a different domain. This should always be set to false in any real deployment; it can be set to true in a development environment.

See Also:
Constant Field Values

ALLOW_INVALID_CERTS_VAL

static final String ALLOW_INVALID_CERTS_VAL
Constant ALLOW_INVALID_CERTS_VAL is a default configuration parameter specifying if invalid certificates are acceptable by the server.

See Also:
Constant Field Values
Method Detail

getSSLContext

SSLContext getSSLContext(String protocol,
                         String hostname)
Method getSSLContext creates and returns a new SSLContext for a given domain (hostname). To create the SSLContext, the certificate associated with this domain (hostname) should be used. If there is no specific certificate for the given domain, the default certificate should be used.

Parameters:
protocol - a String, either 'SSL' or 'TLS'.
hostname - a String holding the hostname or domain for the SSLContext.
Returns:
an SSLContext value

init

void init(Map<String,String> params)
Method init initializes the container. If the container has already been initialized, it should clear all the data and re-initialize the container with the "fresh" data. If only one certificate is loaded, it is the default one as well. Otherwise the certificate from the default.pem file should be used as the default one. The default certificate can also be set through the settings in the Map given as a parameter: DEFAULT_DOMAIN_CERT_KEY points to the domain which holds the default certificate.

Parameters:
params - a Map value

addCertificates

void addCertificates(Map<String,String> params)
Method addCertificates allows adding more certificates at run time after the container has already been initialized. This avoids a server restart when certificates are updated or new certificates are added for a new virtual domain. The method should add new certificates or replace the existing one if there is already a certificate for a domain.

Parameters:
params - a Map value with configuration parameters.
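
The lookup rules described for getSSLContext, init and addCertificates, as an added example (not Tigase's own code; Java 16+ for records). The class PemCertResolver, its Resolution record, and the precedence of a configured default domain over default.pem are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.*;
import java.util.*;

// Added illustration, not Tigase code: picks the *.pem file that serves a hostname.
public class PemCertResolver {
    public record Resolution(Path file, boolean usedDefault) {}
    private final Map<String, Path> certs = new HashMap<>();
    private String defaultDomain; // key in certs whose file is the fallback

    // Clears old state and rescans, as init() requires on re-initialization.
    public void init(Path certsDir, String configuredDefault) throws IOException {
        certs.clear();
        addCertificates(certsDir);
        if (configuredDefault != null && certs.containsKey(configuredDefault)) {
            defaultDomain = configuredDefault; // assumption: the setting wins
        } else if (certs.size() == 1) {
            defaultDomain = certs.keySet().iterator().next();
        } else {
            defaultDomain = certs.containsKey("default") ? "default" : null;
        }
    }

    // Adds or replaces entries; "yourdomain.com.pem" maps to "yourdomain.com".
    public void addCertificates(Path certsDir) throws IOException {
        try (DirectoryStream<Path> files = Files.newDirectoryStream(certsDir, "*.pem")) {
            for (Path f : files) {
                String name = f.getFileName().toString().toLowerCase(Locale.ROOT);
                certs.put(name.substring(0, name.length() - ".pem".length()), f);
            }
        }
    }

    // Returns null when neither a domain certificate nor a default exists.
    public Resolution resolve(String hostname) {
        Path exact = certs.get(hostname.toLowerCase(Locale.ROOT));
        if (exact != null) return new Resolution(exact, false);
        Path fallback = defaultDomain == null ? null : certs.get(defaultDomain);
        return fallback == null ? null : new Resolution(fallback, true);
    }
    public static void main(String[] args) throws IOException {
        Path dir = Files.createTempDirectory("certs"); // constructed sample directory
        for (String n : List.of("yourdomain.com.pem", "default.pem")) Files.createFile(dir.resolve(n));
        PemCertResolver r = new PemCertResolver();
        r.init(dir, null);
        System.out.println(r.resolve("yourdomain.com")); // hostname with its own file
        System.out.println(r.resolve("other.example"));  // hostname without one
    }
}
```

The usedDefault flag marks the cases where the certificate presented may not have been issued for the requested hostname, which is the condition the ALLOW_INVALID_CERTS_KEY description classes as invalid, so it is worth logging.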


Copyright © 2001-2006 Tigase Developers Team. All rights Reserved.