|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.eclipse.jetty.util.security.CertificateValidator
public class CertificateValidator
Convenience class to handle validation of certificates, aliases and keystores Allows specifying Certificate Revocation List (CRL), as well as enabling CRL Distribution Points Protocol (CRLDP) certificate extension support, and also enabling On-Line Certificate Status Protocol (OCSP) support. IMPORTANT: at least one of the above mechanisms *MUST* be configured and operational, otherwise certificate validation *WILL FAIL* unconditionally.
Constructor Summary | |
---|---|
CertificateValidator(KeyStore trustStore,
Collection<? extends CRL> crls)
creates an instance of the certificate validator |
Method Summary | |
---|---|
Collection<? extends CRL> |
getCrls()
|
int |
getMaxCertPathLength()
|
String |
getOcspResponderURL()
|
KeyStore |
getTrustStore()
|
boolean |
isEnableCRLDP()
|
boolean |
isEnableOCSP()
|
void |
setEnableCRLDP(boolean enableCRLDP)
Enables CRL Distribution Points Support |
void |
setEnableOCSP(boolean enableOCSP)
Enables On-Line Certificate Status Protocol support |
void |
setMaxCertPathLength(int maxCertPathLength)
|
void |
setOcspResponderURL(String ocspResponderURL)
Set the location of the OCSP Responder. |
void |
validate(Certificate[] certChain)
|
void |
validate(KeyStore keyStore)
validates all aliases inside of a given keystore |
void |
validate(KeyStore keyStore,
Certificate cert)
validates a specific certificate inside of the keystore being passed in |
String |
validate(KeyStore keyStore,
String keyAlias)
validates a specific alias inside of the keystore being passed in |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public CertificateValidator(KeyStore trustStore, Collection<? extends CRL> crls)
trustStore
- crls
- Method Detail |
---|
public void validate(KeyStore keyStore) throws CertificateException
keyStore
-
CertificateException
public String validate(KeyStore keyStore, String keyAlias) throws CertificateException
keyStore
- keyAlias
-
CertificateException
public void validate(KeyStore keyStore, Certificate cert) throws CertificateException
keyStore
- cert
-
CertificateException
public void validate(Certificate[] certChain) throws CertificateException
CertificateException
public KeyStore getTrustStore()
public Collection<? extends CRL> getCrls()
public int getMaxCertPathLength()
public void setMaxCertPathLength(int maxCertPathLength)
maxCertPathLength
- maximum number of intermediate certificates in
the certification path (-1 for unlimited)public boolean isEnableCRLDP()
public void setEnableCRLDP(boolean enableCRLDP)
enableCRLDP
- true - turn on, false - turns offpublic boolean isEnableOCSP()
public void setEnableOCSP(boolean enableOCSP)
enableOCSP
- true - turn on, false - turn offpublic String getOcspResponderURL()
public void setOcspResponderURL(String ocspResponderURL)
ocspResponderURL
- location of the OCSP Responder
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |