public class PemKeyCertOptions extends Object implements KeyCertOptions
A key file must contain a non encrypted private key in PKCS8 format wrapped in a PEM block, for example:
-----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDV6zPk5WqLwS0a ... K5xBhtm1AhdnZjx5KfW3BecE -----END PRIVATE KEY-----
Or contain a non encrypted private key in PKCS1 format wrapped in a PEM block, for example:
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAlO4gbHeFb/fmbUF/tOJfNPJumJUEqgzAzx8MBXv9Acyw9IRa ... zJ14Yd+t2fsLYVs2H0gxaA4DW6neCzgY3eKpSU0EBHUCFSXp/1+/ -----END RSA PRIVATE KEY-----
A certificate file must contain an X.509 certificate wrapped in a PEM block, for example:
-----BEGIN CERTIFICATE----- MIIDezCCAmOgAwIBAgIEZOI/3TANBgkqhkiG9w0BAQsFADBuMRAwDgYDVQQGEwdV ... +tmLSvYS39O2nqIzzAUfztkYnUlZmB0l/mKkVqbGJA== -----END CERTIFICATE-----Keys and certificates can either be loaded by Vert.x from the filesystem:
HttpServerOptions options = new HttpServerOptions(); options.setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("/mykey.pem").setCertPath("/mycert.pem"));Or directly provided as a buffer:
Buffer key = vertx.fileSystem().readFileBlocking("/mykey.pem"); Buffer cert = vertx.fileSystem().readFileBlocking("/mycert.pem"); options.setPemKeyCertOptions(new PemKeyCertOptions().setKeyValue(key).setCertValue(cert));Several key/certificate pairs can be used:
HttpServerOptions options = new HttpServerOptions(); options.setPemKeyCertOptions(new PemKeyCertOptions() .addKeyPath("/mykey1.pem").addCertPath("/mycert1.pem") .addKeyPath("/mykey2.pem").addCertPath("/mycert2.pem"));
Constructor and Description |
---|
PemKeyCertOptions()
Default constructor
|
PemKeyCertOptions(JsonObject json)
Create options from JSON
|
PemKeyCertOptions(PemKeyCertOptions other)
Copy constructor
|
Modifier and Type | Method and Description |
---|---|
PemKeyCertOptions |
addCertPath(String certPath)
Add a path to a certificate file
|
PemKeyCertOptions |
addCertValue(Buffer certValue)
Add a certificate as a buffer
|
PemKeyCertOptions |
addKeyPath(String keyPath)
Add a path to a key file
|
PemKeyCertOptions |
addKeyValue(Buffer keyValue)
Add a key as a buffer
|
PemKeyCertOptions |
copy() |
String |
getCertPath()
Get the path to the first certificate file
|
List<String> |
getCertPaths()
Get all the paths to the certificates files
|
Buffer |
getCertValue()
Get the first certificate as a buffer
|
List<Buffer> |
getCertValues()
Get all the certificates as a list of buffer
|
KeyManagerFactory |
getKeyManagerFactory(Vertx vertx)
Create and return the key manager factory for these options.
|
String |
getKeyPath()
Get the path to the first key file
|
List<String> |
getKeyPaths()
Get all the paths to the key files
|
Buffer |
getKeyValue()
Get the first key as a buffer
|
List<Buffer> |
getKeyValues()
Get all the keys as a list of buffer
|
java.util.function.Function<String,X509KeyManager> |
keyManagerMapper(Vertx vertx)
Returns a function that maps SNI server names to
X509KeyManager instance. |
KeyStore |
loadKeyStore(Vertx vertx)
Load and return a Java keystore.
|
PemKeyCertOptions |
setCertPath(String certPath)
Set the path of the first certificate, replacing the previous certificates paths
|
PemKeyCertOptions |
setCertPaths(List<String> certPaths)
Set all the paths to the certificates files
|
PemKeyCertOptions |
setCertValue(Buffer certValue)
Set the first certificate as a buffer, replacing the previous certificates buffers
|
PemKeyCertOptions |
setCertValues(List<Buffer> certValues)
Set all the certificates as a list of buffer
|
PemKeyCertOptions |
setKeyPath(String keyPath)
Set the path of the first key file, replacing the keys paths
|
PemKeyCertOptions |
setKeyPaths(List<String> keyPaths)
Set all the paths to the keys files
|
PemKeyCertOptions |
setKeyValue(Buffer keyValue)
Set the first key a a buffer, replacing the previous keys buffers
|
PemKeyCertOptions |
setKeyValues(List<Buffer> keyValues)
Set all the keys as a list of buffer
|
JsonObject |
toJson()
Convert to JSON
|
public PemKeyCertOptions()
public PemKeyCertOptions(PemKeyCertOptions other)
other
- the options to copypublic PemKeyCertOptions(JsonObject json)
json
- the JSONpublic JsonObject toJson()
public String getKeyPath()
public PemKeyCertOptions setKeyPath(String keyPath)
keyPath
- the path to the first key filepublic List<String> getKeyPaths()
public PemKeyCertOptions setKeyPaths(List<String> keyPaths)
keyPaths
- the paths to the keys filespublic PemKeyCertOptions addKeyPath(String keyPath)
keyPath
- the path to the key filepublic Buffer getKeyValue()
public PemKeyCertOptions setKeyValue(Buffer keyValue)
keyValue
- key as a bufferpublic List<Buffer> getKeyValues()
public PemKeyCertOptions setKeyValues(List<Buffer> keyValues)
keyValues
- the keys as a list of bufferpublic PemKeyCertOptions addKeyValue(Buffer keyValue)
keyValue
- the key to addpublic String getCertPath()
public PemKeyCertOptions setCertPath(String certPath)
certPath
- the path to the certificatepublic List<String> getCertPaths()
public PemKeyCertOptions setCertPaths(List<String> certPaths)
certPaths
- the paths to the certificates filespublic PemKeyCertOptions addCertPath(String certPath)
certPath
- the path to the certificate filepublic Buffer getCertValue()
public PemKeyCertOptions setCertValue(Buffer certValue)
certValue
- the first certificate as a bufferpublic List<Buffer> getCertValues()
public PemKeyCertOptions setCertValues(List<Buffer> certValues)
certValues
- the certificates as a list of bufferpublic PemKeyCertOptions addCertValue(Buffer certValue)
certValue
- the certificate to addpublic PemKeyCertOptions copy()
copy
in interface KeyCertOptions
public KeyStore loadKeyStore(Vertx vertx) throws Exception
vertx
- the vertx instanceKeyStore
Exception
public KeyManagerFactory getKeyManagerFactory(Vertx vertx) throws Exception
KeyCertOptions
The returned key manager factory should be already initialized and ready to use.
getKeyManagerFactory
in interface KeyCertOptions
vertx
- the vertx instanceException
public java.util.function.Function<String,X509KeyManager> keyManagerMapper(Vertx vertx) throws Exception
KeyCertOptions
X509KeyManager
instance.
The returned X509KeyManager
must satisfies these rules:
X509KeyManager.getPrivateKey(String)
returns the private key for the indicated server name,
the alias
parameter will be null
.X509KeyManager.getCertificateChain(String)
returns the certificate chain for the indicated server name,
the alias
parameter will be null
.
The returned function may return null in which case the default key manager provided by KeyCertOptions.getKeyManagerFactory(Vertx)
will be used.
keyManagerMapper
in interface KeyCertOptions
Exception
Copyright © 2020 Eclipse. All rights reserved.