Class CertificateStore

  • Direct Known Subclasses:
    IdentityStore, TrustStore

    public abstract class CertificateStore
    extends Object
    A wrapper class for a Java store of certificates, its metadata (password, location) and related functionality. A subclass of this class exists for each of the two distinct types of key store.
    • one that is used to provide credentials, an identity store, in IdentityStore
    • one that is used to verify credentials, a trust store, in TrustStore
    Note that in Java terminology, an identity store is commonly referred to as a 'key store', while the same name is also used to identify the generic certificate store. To clearly distinguish the common denominator from each of the specific types, this implementation uses the terms "certificate store", "identity store" and "trust store".
    Author:
    Guus der Kinderen, guus.der.kinderen@gmail.com
    • Method Detail

      • reload

        public void reload()
                    throws CertificateStoreConfigException
        Reloads the content of the store from disk. Useful when the store content has been modified outside of the Openfire process, or when changes that have not been persisted need to be undone.
        Throws:
        CertificateStoreConfigException - if the store could not be reloaded
      • backup

        public Path backup()
        Copies the file that is the persistent storage for this store to a new file in the backup location.
        Returns:
        The path in which the backup was created, or null if the creation of the backup failed.
      • getAllCertificates

        public Map<String,X509Certificate> getAllCertificates()
                                                             throws KeyStoreException
        Returns a collection of all X.509 certificates in this store. Certificates returned by this method can be in any state (e.g. invalid, on a revocation list, etc.).
        Returns:
        A collection (possibly empty, never null) of all certificates in this store, mapped by their alias.
        Throws:
        KeyStoreException - if a keystore has not been initialized
      • delete

        public void delete(String alias)
                    throws CertificateStoreConfigException
        Deletes an entry (by alias) in this store. All information related to this entry will be removed, including certificates and keys. When the store does not contain an entry that matches the provided alias, this method does nothing.
        Parameters:
        alias - The alias for which to delete an entry (cannot be null or empty).
        Throws:
        CertificateStoreConfigException - if the entry could not be deleted
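
Because getAllCertificates() returns certificates in any state, a caller that needs usable ones has to check them itself. The following is an added example, not Openfire code: it classifies a map of that shape by validity period. The class StoreAudit, its audit method, the STORE_PASSWORD environment variable and the use of a plain java.security.KeyStore file as a stand-in for the store are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;

// Added example: StoreAudit, audit() and STORE_PASSWORD are hypothetical names, not Openfire API.
public class StoreAudit {

    // Classifies every certificate in a map shaped like the result of getAllCertificates().
    // Only the validity period is checked; revocation and chain trust are not covered here.
    static Map<String, String> audit(Map<String, X509Certificate> certs, Instant now, Duration warn) {
        Map<String, String> report = new LinkedHashMap<>();
        for (Map.Entry<String, X509Certificate> entry : certs.entrySet()) {
            Instant notBefore = entry.getValue().getNotBefore().toInstant();
            Instant notAfter = entry.getValue().getNotAfter().toInstant();
            String state = now.isBefore(notBefore) ? "NOT_YET_VALID"
                    : now.isAfter(notAfter) ? "EXPIRED"
                    : now.plus(warn).isAfter(notAfter) ? "EXPIRES_SOON" : "OK";
            report.put(entry.getKey(), state + " (notAfter=" + notAfter + ")");
        }
        return report;
    }

    // Stand-in for a CertificateStore: builds the same alias-to-certificate map from a keystore file.
    public static void main(String[] args) throws Exception {
        if (args.length != 1) {
            System.err.println("usage: java StoreAudit <keystore-file>");
            return;
        }
        String pw = System.getenv("STORE_PASSWORD"); // assumed source of the store password
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            ks.load(in, pw == null ? null : pw.toCharArray());
        }
        Map<String, X509Certificate> certs = new LinkedHashMap<>();
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (c instanceof X509Certificate) certs.put(alias, (X509Certificate) c);
        }
        audit(certs, Instant.now(), Duration.ofDays(30)).forEach((a, s) -> System.out.println(a + ": " + s));
    }
}
```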