Package org.jivesoftware.openfire.keystore

Class CertificateStoreManager

java.lang.Object
org.jivesoftware.openfire.container.BasicModule
org.jivesoftware.openfire.keystore.CertificateStoreManager
All Implemented Interfaces:
Module
public class CertificateStoreManager extends BasicModule
A manager of certificate stores.

  • Constructor Details

    • CertificateStoreManager

      public CertificateStoreManager()

    • CertificateStoreManager

      public CertificateStoreManager(boolean disableWatcher)

  • Method Details

    • initialize

      public void initialize(XMPPServer server)
      Description copied from class: BasicModule

      Initializes the basic module.

      Inheriting classes that choose to override this method MUST call this initialize() method before accessing BasicModule resources.

      Specified by:
      initialize in interface Module
      Overrides:
      initialize in class BasicModule
      Parameters:
      server - the server hosting this module.

    • destroy

      public void destroy()
      Description copied from class: BasicModule

      Destroys the module.

      Does nothing in the basic module.

      Specified by:
      destroy in interface Module
      Overrides:
      destroy in class BasicModule

    • getIdentityStore

      public IdentityStore getIdentityStore(ConnectionType type)

    • getTrustStore

      public TrustStore getTrustStore(ConnectionType type)

    • replaceIdentityStore

      public void replaceIdentityStore(ConnectionType type, CertificateStoreConfiguration configuration, boolean createIfAbsent) throws CertificateStoreConfigException
      Throws:
      CertificateStoreConfigException

    • replaceTrustStore

      public void replaceTrustStore(ConnectionType type, CertificateStoreConfiguration configuration, boolean createIfAbsent) throws CertificateStoreConfigException
      Throws:
      CertificateStoreConfigException

    • getIdentityStoreConfiguration

      public CertificateStoreConfiguration getIdentityStoreConfiguration(ConnectionType type) throws IOException
      Throws:
      IOException

    • getTrustStoreConfiguration

      public CertificateStoreConfiguration getTrustStoreConfiguration(ConnectionType type) throws IOException
      Throws:
      IOException

    • backup

      public Collection<Path> backup() throws IOException
      Creates a backup of all files that back any of the certificate stores. Each certificate store can be configured to use a distinct file, as well as use a distinct backup location. In practise, there will be a lot of overlap. This implementation creates a backup (by copying the file) for each unique file/backup-location combination in the collection of all certificate stores.
      Returns:
      the paths the store was backed up to
      Throws:
      IOException - if the store could not be backed up

    • getTrustStoreType

      public static String getTrustStoreType(ConnectionType type)
      The KeyStore type (jks, jceks, pkcs12, etc) for the trust store for connections of a particular type.
      Parameters:
      type - the connection type
      Returns:
      a store type (never null).
      See Also:

    • getIdentityStoreType

      public static String getIdentityStoreType(ConnectionType type)
      The KeyStore type (jks, jceks, pkcs12, etc) for the identity store for connections of a particular type.
      Parameters:
      type - the connection type
      Returns:
      a store type (never null).
      See Also:

    • getIdentityStoreBackupDirectory

      public static String getIdentityStoreBackupDirectory(ConnectionType type)
      The location (relative to OPENFIRE_HOME) of the directory that holds backups for identity stores.
      Parameters:
      type - the connection type
      Returns:
      a path (never null).

    • getTrustStoreBackupDirectory

      public static String getTrustStoreBackupDirectory(ConnectionType type)
      The location (relative to OPENFIRE_HOME) of the directory that holds backups for trust stores.
      Parameters:
      type - the connection type
      Returns:
      a path (never null).

    • usesDistinctConfigurationForEachType

      public boolean usesDistinctConfigurationForEachType() throws IOException
      Checks if Openfire is configured to use the same set of three keystore files for all connection types (one identity store, and two trust stores - one for client-based connections, and one for server/component-based connections). This method will return 'false' when running Openfire without changes to its default keystore configuration. If changes are made to use different keystores for at least one connection type, this method returns 'true'.
      Returns:
      true if Openfire is using different keystores based on the type of connection, false when running with the default store configuration.
      Throws:
      IOException - if there was an IO error