org.globus.gsi.jsse
Class GlobusSSLHelper

java.lang.Object
  extended by org.globus.gsi.jsse.GlobusSSLHelper

public final class GlobusSSLHelper
extends java.lang.Object

This is a utility class designed to simplify common tasks required for configuring the globus ssl support.

Since:
1.0
Version:
1.0

Method Summary
static java.security.KeyStore buildTrustStore(java.lang.String provider, java.lang.String trustAnchorStoreType, java.lang.String trustAnchorStoreLocation, java.lang.String trustAnchorStorePassword)
          Create a trust store using the supplied details.
static java.security.KeyStore findCredentialStore(java.lang.String provider, java.lang.String credentialStoreType, java.lang.String credentialStoreLocation, java.lang.String credentialStorePassword)
          Create a configured CredentialStore using the supplied parameters.
static java.security.cert.CertStore findCRLStore(java.lang.String crlPattern)
          Create a store of Certificate Revocation Lists.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

buildTrustStore

public static java.security.KeyStore buildTrustStore(java.lang.String provider,
                                                     java.lang.String trustAnchorStoreType,
                                                     java.lang.String trustAnchorStoreLocation,
                                                     java.lang.String trustAnchorStorePassword)
                                              throws GlobusSSLConfigurationException
Create a trust store using the supplied details. Java SSL requires the trust store to be supplied as a java.security.KeyStore, so this will create a KeyStore containing all of the Trust Anchors.

Parameters:
provider - The Java security provider to use.
trustAnchorStoreType - The type of key store to be constructed.
trustAnchorStoreLocation - The location of the trust store file
trustAnchorStorePassword - The password for the trust store.
Returns:
A configured Keystore which holds TrustAnchors. Note that this holds trusted certificates, not keys/credentials
Throws:
GlobusSSLConfigurationException - If unable to construct the TrustStore.

findCredentialStore

public static java.security.KeyStore findCredentialStore(java.lang.String provider,
                                                         java.lang.String credentialStoreType,
                                                         java.lang.String credentialStoreLocation,
                                                         java.lang.String credentialStorePassword)
                                                  throws GlobusSSLConfigurationException
Create a configured CredentialStore using the supplied parameters. The credential store is a java.security.KeyStore.

Parameters:
provider - The Java security provider to use.
credentialStoreType - The type of key store to be constructed.
credentialStoreLocation - The location of the credential store file
credentialStorePassword - The password for the credential store.
Returns:
A configured Keystore which holds credentials defined by these parameters.
Throws:
GlobusSSLConfigurationException - If unable to construct the Credential Store.

findCRLStore

public static java.security.cert.CertStore findCRLStore(java.lang.String crlPattern)
                                                 throws GlobusSSLConfigurationException
Create a store of Certificate Revocation Lists. Java requires that this be a java.security.certificates.CertStore. As such, the store can hold both CRL's and non-trusted certs. For the purposes of this method, we assume that only crl's will be loaded. This can only be used with the Globus provided Certificate Store.

Parameters:
crlPattern - The pattern which defines the locations of the CRL's
Returns:
A configured Java CertStore containing the specified CRL's
Throws:
GlobusSSLConfigurationException - if the store cannot be loaded.


Copyright © 2013. All Rights Reserved.