Module io.helidon.common.pki

Package io.helidon.common.pki

Interface PemKeys

All Superinterfaces:

Prototype.Api

All Known Implementing Classes:

PemKeys.BuilderBase.PemKeysImpl

public interface PemKeys
extends Prototype.Api

PEM files based keys - accepts private key and certificate chain.

If you have "standard" linux/unix private key, you must run " openssl pkcs8 -topk8 -in ./id_rsa -out ./id_rsa.p8" on it to work with this builder for password protected file; or "openssl pkcs8 -topk8 -in ./id_rsa -out ./id_rsa_nocrypt.p8 -nocrypt" for unprotected file.

The only supported format is PKCS#8. If you have a different format, you must transform it to PKCS8 PEM format (to use this builder), or to PKCS#12 keystore format (and use KeystoreKeys.Builder).

See Also:

• builder()
• create()

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static class	PemKeys.Builder	Fluent API builder for PemKeys.
static class	PemKeys.BuilderBase<BUILDER extends PemKeys.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends PemKeys>	Fluent API builder base for PemKeys.

Method Summary

Modifier and Type	Method	Description
static PemKeys.Builder	builder()	Create a new fluent API builder to customize configuration.
static PemKeys.Builder	builder(PemKeys instance)	Create a new fluent API builder from an existing instance.
Optional<Resource>	certChain()	Load certificate chain from PEM resource.
Optional<Resource>	certificates()	Read one or more certificates in PEM format from a resource definition.
static PemKeys	create()	Create a new instance with default values.
static PemKeys	create(Config config)	Create a new instance from configuration.
Optional<Resource>	key()	Read a private key from PEM format from a resource definition.
Optional<char[]>	keyPassphrase()	Passphrase for private key.
Optional<Resource>	publicKey()	Read a public key from PEM format from a resource definition.

Method Details

builder

static PemKeys.Builder builder()

Create a new fluent API builder to customize configuration.

Returns:

a new builder

builder

static PemKeys.Builder builder(PemKeys instance)

Create a new fluent API builder from an existing instance.

Parameters:

instance - an existing instance used as a base for the builder

Returns:

a builder based on an instance

create

static PemKeys create(Config config)

Create a new instance from configuration.

Parameters:

config - used to configure the new instance

Returns:

a new instance configured from configuration

create

static PemKeys create()

Create a new instance with default values.

Returns:

a new instance

key

Optional<Resource> key()

Read a private key from PEM format from a resource definition.

Returns:

key resource (file, classpath, URL etc.)

keyPassphrase

Optional<char[]> keyPassphrase()

Passphrase for private key. If the key is encrypted (and in PEM PKCS#8 format), this passphrase will be used to decrypt it.

Returns:

passphrase used to encrypt the private key

publicKey

Optional<Resource> publicKey()

Read a public key from PEM format from a resource definition.

Returns:

public key resource (file, classpath, URL etc.)

certChain

Optional<Resource> certChain()

Load certificate chain from PEM resource.

Returns:

resource (e.g. classpath, file path, URL etc.)

certificates

Optional<Resource> certificates()

Read one or more certificates in PEM format from a resource definition. Used eg: in a trust store.

Returns:

key resource (file, classpath, URL etc.)