java.lang.Object
org.bzdev.ejws.EmbeddedWebServer.SSLSetup
- Enclosing class:
- EmbeddedWebServer
Setup parameters for an secure-socket server.
The methods return the object created by the constructor so
that one can chain the methods together for initialization.
The default keystore and password are stored as a resource in
the EJWS jar file. When this is used, there is a corresponding
truststore in a file named ejwsCerts.jks. On Linux systems, this
should be in the directory /usr/share/bzdev although its actual
location may be system dependent. This truststore's password is
"changeit". As it is in a directory owned by root, and is intended
only for testing, this password should not be changed.
ejwsCerts.jks is needed because without explicitly providing a
keystore containing the server's certificate, a self-signed
certificate will be used (a common practice during testing).
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionconfigurator(EmbeddedWebServer.Configurator configurator) Provide a configurator.keyPassword(char[] pw) Provide a password for using a key in the keystorekeystore(InputStream is) Provide an input stream for a keystorekeystorePassword(char[] pw) Provide a password for modifying/reading a keystoretrustManagers(TrustManager[] tms) Provide trust managers.Provide an input stream for a truststore.truststorePassword(char[] pw) Provide a password for modifying/reading a truststore
-
Constructor Details
-
SSLSetup
public SSLSetup()Constructor using a default protocol (TLS). -
SSLSetup
Constructor. Possible secure-socket protocols are currently SSL, SSLv2, SSLv3, TLS, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3, DTLS, DTLSv1.0, or DTLSv1.2 as described in the Java API documentation.- Parameters:
protocol- the secure-socket protocol (for example, "SSL" or "TSL")
-
-
Method Details
-
keystore
Provide an input stream for a keystore- Parameters:
is- an input stream used to load the keystore- Returns:
- this object
-
truststore
Provide an input stream for a truststore.- Parameters:
is- an input stream used to load the truststore; null to cancel- Returns:
- this object
- Throws:
IllegalStateException- iftrustManagers(javax.net.ssl.TrustManager[])has been called with a non-null value- See Also:
-
trustManagers
Provide trust managers.- Parameters:
tms- the trust managers; null too cancel- Returns:
- this object
- Throws:
IllegalStateException- iftruststore(java.io.InputStream)was called with a non-null value- See Also:
-
keystorePassword
Provide a password for modifying/reading a keystore- Parameters:
pw- the password (as a char array); null for the default ("changeit");- Returns:
- this object
-
keyPassword
Provide a password for using a key in the keystore- Parameters:
pw- the password (as a char array); null for the default ("changeit");- Returns:
- this object
-
truststorePassword
Provide a password for modifying/reading a truststore- Parameters:
pw- the password (as a char array); null for the default ("changeit");- Returns:
- this object
-
configurator
Provide a configurator. Configurators are instance of the functional interfaceEmbeddedWebServer.Configurator, and will typically be provided by a lambda expression that takes two arguments: an instance ofSSLContextand an instance ofHttpsParameters. These two arguments are provided by theHttpsServerimplementation.- Parameters:
configurator- the configurator- Returns:
- an instance of
EmbeddedWebServer.SSLSetup, encapsulating SSL parameters - See Also:
-