-
PemTrustOptions
-
helper: KeyStoreHelper
-
certPaths: ArrayList<String>
-
certValues: ArrayList<Buffer>
-
PemTrustOptions(): void
-
PemTrustOptions(PemTrustOptions): void
-
PemTrustOptions(JsonObject): void
-
toJson(): JsonObject
-
getCertPaths(): List<String>
-
addCertPath(String): PemTrustOptions
-
getCertValues(): List<Buffer>
-
addCertValue(Buffer): PemTrustOptions
-
loadKeyStore(Vertx): KeyStore
-
getTrustManagerFactory(Vertx): TrustManagerFactory
-
trustManagerMapper(Vertx): Function<String, TrustManager[]>
-
copy(): PemTrustOptions
-
getHelper(Vertx): KeyStoreHelper
-
http://nexus.sonatype.org/oss-repository-hosting.html/vertx-parent/vertx-core: Sonatype helps open source projects to set up Maven repositories on https://oss.sonatype.org/
(Eclipse)
/*
* Copyright (c) 2011-2019 Contributors to the Eclipse Foundation
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
* which is available at https://www.apache.org/licenses/LICENSE-2.0.
*
* SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
*/
package io.vertx.core.net;
import io.vertx.codegen.annotations.DataObject;
import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.impl.Arguments;
import io.vertx.core.impl.VertxInternal;
import io.vertx.core.json.JsonObject;
import io.vertx.core.net.impl.KeyStoreHelper;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.function.Function;
import java.util.stream.Stream;
Certificate Authority options configuring certificates based on
Privacy-enhanced Electronic Email (PEM) files. The options is configured with a list of
validating certificates.
Validating certificates must contain X.509 certificates wrapped in a PEM block:
-----BEGIN CERTIFICATE-----
MIIDezCCAmOgAwIBAgIEVmLkwTANBgkqhkiG9w0BAQsFADBuMRAwDgYDVQQGEwdV
...
z5+DuODBJUQst141Jmgq8bS543IU/5apcKQeGNxEyQ==
-----END CERTIFICATE-----
The certificates can either be loaded by Vert.x from the filesystem:
HttpServerOptions options = new HttpServerOptions();
options.setPemTrustOptions(new PemTrustOptions().addCertPath("/cert.pem"));
Or directly provided as a buffer:
Buffer cert = vertx.fileSystem().readFileBlocking("/cert.pem");
HttpServerOptions options = new HttpServerOptions();
options.setPemTrustOptions(new PemTrustOptions().addCertValue(cert));
Author: Julien Viet, Tim Fox
/**
* Certificate Authority options configuring certificates based on
* <i>Privacy-enhanced Electronic Email</i> (PEM) files. The options is configured with a list of
* validating certificates.
* <p>
* Validating certificates must contain X.509 certificates wrapped in a PEM block:<p>
*
* <pre>
* -----BEGIN CERTIFICATE-----
* MIIDezCCAmOgAwIBAgIEVmLkwTANBgkqhkiG9w0BAQsFADBuMRAwDgYDVQQGEwdV
* ...
* z5+DuODBJUQst141Jmgq8bS543IU/5apcKQeGNxEyQ==
* -----END CERTIFICATE-----
* </pre>
*
* The certificates can either be loaded by Vert.x from the filesystem:
* <p>
* <pre>
* HttpServerOptions options = new HttpServerOptions();
* options.setPemTrustOptions(new PemTrustOptions().addCertPath("/cert.pem"));
* </pre>
*
* Or directly provided as a buffer:
* <p>
*
* <pre>
* Buffer cert = vertx.fileSystem().readFileBlocking("/cert.pem");
* HttpServerOptions options = new HttpServerOptions();
* options.setPemTrustOptions(new PemTrustOptions().addCertValue(cert));
* </pre>
*
* @author <a href="mailto:julien@julienviet.com">Julien Viet</a>
* @author <a href="http://tfox.org">Tim Fox</a>
*/
@DataObject(generateConverter = true, publicConverter = false)
public class PemTrustOptions implements TrustOptions, Cloneable {
private KeyStoreHelper helper;
private ArrayList<String> certPaths;
private ArrayList<Buffer> certValues;
Default constructor
/**
* Default constructor
*/
public PemTrustOptions() {
super();
this.certPaths = new ArrayList<>();
this.certValues = new ArrayList<>();
}
Copy constructor
Params: - other – the options to copy
/**
* Copy constructor
*
* @param other the options to copy
*/
public PemTrustOptions(PemTrustOptions other) {
super();
this.certPaths = new ArrayList<>(other.getCertPaths());
this.certValues = new ArrayList<>(other.getCertValues());
}
Create options from JSON
Params: - json – the JSON
/**
* Create options from JSON
*
* @param json the JSON
*/
public PemTrustOptions(JsonObject json) {
this();
PemTrustOptionsConverter.fromJson(json, this);
}
Convert to JSON
Returns: the JSON
/**
* Convert to JSON
*
* @return the JSON
*/
public JsonObject toJson() {
JsonObject json = new JsonObject();
PemTrustOptionsConverter.toJson(this, json);
return json;
}
Returns: the certificate paths used to locate certificates
/**
* @return the certificate paths used to locate certificates
*/
public List<String> getCertPaths() {
return certPaths;
}
Add a certificate path
Params: - certPath – the path to add
Throws: Returns: a reference to this, so the API can be used fluently
/**
* Add a certificate path
*
* @param certPath the path to add
* @return a reference to this, so the API can be used fluently
* @throws NullPointerException
*/
public PemTrustOptions addCertPath(String certPath) throws NullPointerException {
Objects.requireNonNull(certPath, "No null certificate accepted");
Arguments.require(!certPath.isEmpty(), "No empty certificate path accepted");
certPaths.add(certPath);
return this;
}
Returns: the certificate values
/**
*
* @return the certificate values
*/
public List<Buffer> getCertValues() {
return certValues;
}
Add a certificate value
Params: - certValue – the value to add
Throws: Returns: a reference to this, so the API can be used fluently
/**
* Add a certificate value
*
* @param certValue the value to add
* @return a reference to this, so the API can be used fluently
* @throws NullPointerException
*/
public PemTrustOptions addCertValue(Buffer certValue) throws NullPointerException {
Objects.requireNonNull(certValue, "No null certificate accepted");
certValues.add(certValue);
return this;
}
Load and return a Java keystore.
Params: - vertx – the vertx instance
Returns: the KeyStore
/**
* Load and return a Java keystore.
*
* @param vertx the vertx instance
* @return the {@code KeyStore}
*/
public KeyStore loadKeyStore(Vertx vertx) throws Exception {
KeyStoreHelper helper = getHelper(vertx);
return helper != null ? helper.store() : null;
}
@Override
public TrustManagerFactory getTrustManagerFactory(Vertx vertx) throws Exception {
KeyStoreHelper helper = getHelper(vertx);
return helper != null ? helper.getTrustMgrFactory((VertxInternal) vertx) : null;
}
@Override
public Function<String, TrustManager[]> trustManagerMapper(Vertx vertx) throws Exception {
KeyStoreHelper helper = getHelper(vertx);
return helper != null ? helper::getTrustMgr : null;
}
@Override
public PemTrustOptions copy() {
return new PemTrustOptions(this);
}
KeyStoreHelper getHelper(Vertx vertx) throws Exception {
if (helper == null) {
Stream<Buffer> certValues = certPaths.
stream().
map(path -> ((VertxInternal)vertx).resolveFile(path).getAbsolutePath()).
map(vertx.fileSystem()::readFileBlocking);
certValues = Stream.concat(certValues, this.certValues.stream());
helper = new KeyStoreHelper(KeyStoreHelper.loadCA(certValues), null);
}
return helper;
}
}