Package io.helidon.common.pki

Class KeyConfig.KeystoreBuilder

    • Method Detail

      • trustStore

        public KeyConfig.KeystoreBuilder trustStore()
        If you want to build a trust store, call this method to add all certificates present in the keystore to certificate list.
        Returns:
        updated builder instance

      • addCertAlias

        public KeyConfig.KeystoreBuilder addCertAlias​(String alias)
        Add an alias to list of aliases used to generate a trusted set of certificates.
        Parameters:
        alias - alias of a certificate
        Returns:
        updated builder instance

      • keystore

        public KeyConfig.KeystoreBuilder keystore​(Resource keystore)
        Keystore resource definition.
        Parameters:
        keystore - keystore resource, from file path, classpath, URL etc.
        Returns:
        updated builder instance

      • keystoreType

        public KeyConfig.KeystoreBuilder keystoreType​(String keystoreType)
        Set type of keystore. Defaults to "PKCS12", expected are other keystore types supported by java then can store keys under aliases.
        Parameters:
        keystoreType - keystore type to load the key
        Returns:
        updated builder instance

      • keystorePassphrase

        public KeyConfig.KeystoreBuilder keystorePassphrase​(char[] keystorePassphrase)
        Pass-phrase of the keystore (supported with JKS and PKCS12 keystores).
        Parameters:
        keystorePassphrase - keystore pass-phrase
        Returns:
        updated builder instance

      • keyAlias

        public KeyConfig.KeystoreBuilder keyAlias​(String keyAlias)
        Alias of the private key in the keystore.
        Parameters:
        keyAlias - alias of the key in the keystore
        Returns:
        updated builder instance

      • certAlias

        public KeyConfig.KeystoreBuilder certAlias​(String alias)
        Alias of X.509 certificate of public key. Used to load both the certificate and public key.
        Parameters:
        alias - alias under which the certificate is stored in the keystore
        Returns:
        updated builder instance

      • certChainAlias

        public KeyConfig.KeystoreBuilder certChainAlias​(String alias)
        Alias of an X.509 chain.
        Parameters:
        alias - alias of certificate chain in the keystore
        Returns:
        updated builder instance

      • keyPassphrase

        public KeyConfig.KeystoreBuilder keyPassphrase​(char[] privateKeyPassphrase)
        Pass-phrase of the key in the keystore (used for private keys). This is (by default) the same as keystore passphrase - only configure if it differs from keystore passphrase.
        Parameters:
        privateKeyPassphrase - pass-phrase of the key
        Returns:
        updated builder instance

      • toFullBuilder

        public KeyConfig.Builder toFullBuilder()
        Create a builder for KeyConfig from this keystore builder. This allows you to enhance the config with additional (explicit) fields.
        Returns:
        builder of KeyConfig

      • config

        public KeyConfig.KeystoreBuilder config​(Config config)
        Update this builder from configuration. The following keys are expected:
        • keystore-path: path of keystore on file system
        • keystore-resource-path: path of keystore in classpath
        • keystore-content: actual base64 encoded content of the keystore
        • keystore-type: type of keystore (defaults to PKCS12)
        • keystore-passphrase: passphrase of keystore, if required
        • key-alias: alias of private key, if wanted (defaults to "1")
        • key-passphrase: passphrase of private key if differs from keystore passphrase
        • cert-alias: alias of public certificate (to obtain public key)
        • cert-chain: alias of certificate chain
        • trust-store: true if this is a trust store (and we should load all certificates from it), defaults to false
        Parameters:
        config - configuration instance
        Returns:
        updated builder instance