public class SelfSignedCertGen
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
private java.util.Map<java.lang.String,java.lang.String> |
company
Map identifying the company attributes.
|
private SSLCertFactory |
factory
Factory to generate the SSL certificate.
|
private java.util.Map<java.lang.String,java.lang.String> |
keyEntryPasswords
The random passwords used to encrypt the private keys in their KeyStore, one per alias. |
private java.lang.String |
masterPassword
The master password used to encrypt all private keys in the directory.
|
private java.io.BufferedReader |
reader
Read data from the standard input.
|
private java.lang.String |
rootCAAlias
Alias for the root CA.
|
private java.lang.String |
serverAlias
Server alias.
|
private java.security.KeyStore |
trustCertStore
Store where to add the trusted certificates (servers and CAs).
|
private java.security.KeyStore |
trustKeyStore
Store where to add the private keys for the trusted certificates.
|
private int |
validity
The certificate's validity, in years.
|
private static java.lang.String[] |
YES_NO
Valid entries for yes/no options.
|
Constructor and Description |
---|
SelfSignedCertGen()
Create a new utility instance.
|
Modifier and Type | Method and Description |
---|---|
private java.lang.String |
createAES256BitKey()
Create a random 256-bit password to be used as an AES encryption key.
|
private java.security.KeyStore |
createEmptyStore()
Create an empty store, to hold either private keys or certificates.
|
void |
generate()
Main method to (re)generate the root CA, peer certificates and private keys.
|
private void |
generateRootCA()
Generate the root CA.
|
private void |
generateServerCertificate()
Generate peer certificate for the server.
|
static void |
main(java.lang.String[] args)
Command line driver.
|
private void |
readConfiguration()
Read the existing configuration from the standard input.
|
private java.lang.String |
readLine(java.lang.String txt)
Read a line of text using the created reader. |
private java.lang.String |
readOption(java.lang.String msg,
java.lang.String[] valid)
Ask the user to enter one of the specified valid options, using the given message.
|
private void |
saveRootCAPrivateKey()
Save the root CA private key in an external key store.
|
private void |
saveServerCertificates()
Save the server certificates in an external store.
|
private void |
saveServerPrivateKey()
Save the private keys in external key store(s).
|
private static final java.lang.String[] YES_NO
private final java.io.BufferedReader reader
private final java.util.Map<java.lang.String,java.lang.String> company
private final SSLCertFactory factory
private final java.security.KeyStore trustCertStore
private final java.security.KeyStore trustKeyStore
private final java.util.Map<java.lang.String,java.lang.String> keyEntryPasswords
The random passwords used to encrypt the private keys in their KeyStore, one per alias.
private int validity
private java.lang.String rootCAAlias
private java.lang.String serverAlias
private java.lang.String masterPassword
public SelfSignedCertGen() throws java.io.IOException, SSLCertGenException
SSLCertGenException - If the utility could not be instantiated.
java.io.IOException
public void generate() throws java.io.IOException, SSLCertGenException
java.io.IOException - If standard input cannot be accessed.
SSLCertGenException - In case of problems during the generation of root CA or peer certificates.
private void saveRootCAPrivateKey() throws java.io.IOException, SSLCertGenException
java.io.IOException - If standard input cannot be accessed.
SSLCertGenException - In case of problems during key store access.
private void saveServerCertificates() throws java.io.IOException, SSLCertGenException
java.io.IOException - If standard input cannot be accessed.
SSLCertGenException - In case of problems during key store access.
private void saveServerPrivateKey() throws java.io.IOException, SSLCertGenException
java.io.IOException - If standard input cannot be accessed.
SSLCertGenException - In case of problems during key store access.
private void generateServerCertificate() throws SSLCertGenException
SSLCertGenException - If the SSL certificates could not be generated.
private void generateRootCA() throws SSLCertGenException, java.io.IOException
SSLCertGenException - If the root CA could not be generated.
java.io.IOException - If the alias for the root CA could not be read from standard input.
private void readConfiguration() throws java.io.IOException, SSLCertGenException
java.io.IOException - In case of problems during reading.
SSLCertGenException - If the SSLCertFactory factory could not be initialized.
private java.lang.String readLine(java.lang.String txt) throws java.io.IOException
Read a line of text using the created reader.
txt - Description to be written to standard output.
java.io.IOException - If data could not be read.
private java.lang.String readOption(java.lang.String msg, java.lang.String[] valid) throws java.io.IOException
msg - The message shown to the user.
valid - An array of valid options.
java.io.IOException
private java.security.KeyStore createEmptyStore() throws SSLCertGenException
KeyStore instance.
SSLCertGenException - If the store could not be generated.
private java.lang.String createAES256BitKey()
public static void main(java.lang.String[] args) throws java.io.IOException, SSLCertGenException
args - Application command line parameters. File name is the only one expected.
java.io.IOException - If standard input cannot be accessed.
SSLCertGenException - In case of problems during the generation of root CA or peer certificates.