/** * Returns the generated private key as a PEM-encoded String, encrypted using the specified password and the * {@link #DEFAULT_PEM_ENCRYPTION_ALGORITHM}. * * @param privateKeyPassword password to use to encrypt the private key */ public String encodePrivateKeyAsPem(String privateKeyPassword) { return securityProviderTool.encodePrivateKeyAsPem(generatedCertificateAndKey.get().getPrivateKey(), privateKeyPassword, DEFAULT_PEM_ENCRYPTION_ALGORITHM); }
/** * Saves the private key as PEM-encoded data to a file, using the specified password to encrypt the private key and * the {@link #DEFAULT_PEM_ENCRYPTION_ALGORITHM}. If the password is null, the private key will be stored unencrypted. * In general, private keys should not be stored unencrypted. * * @param file file to save the private key to * @param passwordForPrivateKey password to protect the private key */ public void savePrivateKeyAsPemFile(File file, String passwordForPrivateKey) { String pemEncodedPrivateKey = securityProviderTool.encodePrivateKeyAsPem(generatedCertificateAndKey.get().getPrivateKey(), passwordForPrivateKey, DEFAULT_PEM_ENCRYPTION_ALGORITHM); EncryptionUtil.writePemStringToFile(file, pemEncodedPrivateKey); }
@Override public KeyStore createRootCertificateKeyStore(String keyStoreType, CertificateAndKey rootCertificateAndKey, String privateKeyAlias, String password) { return KeyStoreUtil.createRootCertificateKeyStore(keyStoreType, rootCertificateAndKey.getCertificate(), privateKeyAlias, rootCertificateAndKey.getPrivateKey(), password, null); }
@Override public KeyStore createServerKeyStore(String keyStoreType, CertificateAndKey serverCertificateAndKey, X509Certificate rootCertificate, String privateKeyAlias, String password) { if (password == null) { throw new IllegalArgumentException("KeyStore password cannot be null"); } if (privateKeyAlias == null) { throw new IllegalArgumentException("Private key alias cannot be null"); } // create a KeyStore containing the impersonated certificate's private key and a certificate chain with the // impersonated cert and our root certificate KeyStore impersonatedCertificateKeyStore = KeyStoreUtil.createEmptyKeyStore(keyStoreType, null); // create the certificate chain back for the impersonated certificate back to the root certificate Certificate[] chain = {serverCertificateAndKey.getCertificate(), rootCertificate}; try { // place the impersonated certificate and its private key in the KeyStore impersonatedCertificateKeyStore.setKeyEntry(privateKeyAlias, serverCertificateAndKey.getPrivateKey(), password.toCharArray(), chain); } catch (KeyStoreException e) { throw new KeyStoreAccessException("Error storing impersonated certificate and private key in KeyStore", e); } return impersonatedCertificateKeyStore; }
PrivateKey caPrivateKey = rootCertificate.get().getPrivateKey(); if (caRootCertificate == null || caPrivateKey == null) { throw new IllegalStateException("A CA root certificate and private key are required to sign a server certificate. Root certificate was: " SslContext sslContext; try { sslContext = SslContextBuilder.forServer(impersonatedCertificateAndKey.getPrivateKey(), certChain) .ciphers(clientCipherSuites, SupportedCipherSuiteFilter.INSTANCE) .build();
/** * Returns the generated private key as a PEM-encoded String, encrypted using the specified password and the * {@link #DEFAULT_PEM_ENCRYPTION_ALGORITHM}. * * @param privateKeyPassword password to use to encrypt the private key */ public String encodePrivateKeyAsPem(String privateKeyPassword) { return securityProviderTool.encodePrivateKeyAsPem(generatedCertificateAndKey.get().getPrivateKey(), privateKeyPassword, DEFAULT_PEM_ENCRYPTION_ALGORITHM); }
/** * Returns the generated private key as a PEM-encoded String, encrypted using the specified password and the * {@link #DEFAULT_PEM_ENCRYPTION_ALGORITHM}. * * @param privateKeyPassword password to use to encrypt the private key */ public String encodePrivateKeyAsPem(String privateKeyPassword) { return securityProviderTool.encodePrivateKeyAsPem(generatedCertificateAndKey.get().getPrivateKey(), privateKeyPassword, DEFAULT_PEM_ENCRYPTION_ALGORITHM); }
/** * Saves the private key as PEM-encoded data to a file, using the specified password to encrypt the private key and * the {@link #DEFAULT_PEM_ENCRYPTION_ALGORITHM}. If the password is null, the private key will be stored unencrypted. * In general, private keys should not be stored unencrypted. * * @param file file to save the private key to * @param passwordForPrivateKey password to protect the private key */ public void savePrivateKeyAsPemFile(File file, String passwordForPrivateKey) { String pemEncodedPrivateKey = securityProviderTool.encodePrivateKeyAsPem(generatedCertificateAndKey.get().getPrivateKey(), passwordForPrivateKey, DEFAULT_PEM_ENCRYPTION_ALGORITHM); EncryptionUtil.writePemStringToFile(file, pemEncodedPrivateKey); }
/** * Saves the private key as PEM-encoded data to a file, using the specified password to encrypt the private key and * the {@link #DEFAULT_PEM_ENCRYPTION_ALGORITHM}. If the password is null, the private key will be stored unencrypted. * In general, private keys should not be stored unencrypted. * * @param file file to save the private key to * @param passwordForPrivateKey password to protect the private key */ public void savePrivateKeyAsPemFile(File file, String passwordForPrivateKey) { String pemEncodedPrivateKey = securityProviderTool.encodePrivateKeyAsPem(generatedCertificateAndKey.get().getPrivateKey(), passwordForPrivateKey, DEFAULT_PEM_ENCRYPTION_ALGORITHM); EncryptionUtil.writePemStringToFile(file, pemEncodedPrivateKey); }
@Override public KeyStore createRootCertificateKeyStore(String keyStoreType, CertificateAndKey rootCertificateAndKey, String privateKeyAlias, String password) { return KeyStoreUtil.createRootCertificateKeyStore(keyStoreType, rootCertificateAndKey.getCertificate(), privateKeyAlias, rootCertificateAndKey.getPrivateKey(), password, null); }
@Override public KeyStore createRootCertificateKeyStore(String keyStoreType, CertificateAndKey rootCertificateAndKey, String privateKeyAlias, String password) { return KeyStoreUtil.createRootCertificateKeyStore(keyStoreType, rootCertificateAndKey.getCertificate(), privateKeyAlias, rootCertificateAndKey.getPrivateKey(), password, null); }
@Override public KeyStore createServerKeyStore(String keyStoreType, CertificateAndKey serverCertificateAndKey, X509Certificate rootCertificate, String privateKeyAlias, String password) { if (password == null) { throw new IllegalArgumentException("KeyStore password cannot be null"); } if (privateKeyAlias == null) { throw new IllegalArgumentException("Private key alias cannot be null"); } // create a KeyStore containing the impersonated certificate's private key and a certificate chain with the // impersonated cert and our root certificate KeyStore impersonatedCertificateKeyStore = KeyStoreUtil.createEmptyKeyStore(keyStoreType, null); // create the certificate chain back for the impersonated certificate back to the root certificate Certificate[] chain = {serverCertificateAndKey.getCertificate(), rootCertificate}; try { // place the impersonated certificate and its private key in the KeyStore impersonatedCertificateKeyStore.setKeyEntry(privateKeyAlias, serverCertificateAndKey.getPrivateKey(), password.toCharArray(), chain); } catch (KeyStoreException e) { throw new KeyStoreAccessException("Error storing impersonated certificate and private key in KeyStore", e); } return impersonatedCertificateKeyStore; }
@Override public KeyStore createServerKeyStore(String keyStoreType, CertificateAndKey serverCertificateAndKey, X509Certificate rootCertificate, String privateKeyAlias, String password) { if (password == null) { throw new IllegalArgumentException("KeyStore password cannot be null"); } if (privateKeyAlias == null) { throw new IllegalArgumentException("Private key alias cannot be null"); } // create a KeyStore containing the impersonated certificate's private key and a certificate chain with the // impersonated cert and our root certificate KeyStore impersonatedCertificateKeyStore = KeyStoreUtil.createEmptyKeyStore(keyStoreType, null); // create the certificate chain back for the impersonated certificate back to the root certificate Certificate[] chain = {serverCertificateAndKey.getCertificate(), rootCertificate}; try { // place the impersonated certificate and its private key in the KeyStore impersonatedCertificateKeyStore.setKeyEntry(privateKeyAlias, serverCertificateAndKey.getPrivateKey(), password.toCharArray(), chain); } catch (KeyStoreException e) { throw new KeyStoreAccessException("Error storing impersonated certificate and private key in KeyStore", e); } return impersonatedCertificateKeyStore; }
PrivateKey caPrivateKey = rootCertificate.get().getPrivateKey(); if (caRootCertificate == null || caPrivateKey == null) { throw new IllegalStateException("A CA root certificate and private key are required to sign a server certificate. Root certificate was: " SslContext sslContext; try { sslContext = SslContextBuilder.forServer(impersonatedCertificateAndKey.getPrivateKey(), certChain) .ciphers(clientCipherSuites, SupportedCipherSuiteFilter.INSTANCE) .build();
PrivateKey caPrivateKey = rootCertificate.get().getPrivateKey(); if (caRootCertificate == null || caPrivateKey == null) { throw new IllegalStateException("A CA root certificate and private key are required to sign a server certificate. Root certificate was: " SslContext sslContext; try { sslContext = SslContextBuilder.forServer(impersonatedCertificateAndKey.getPrivateKey(), certChain) .ciphers(clientCipherSuites, SupportedCipherSuiteFilter.INSTANCE) .build();