java.lang.Object
- io.helidon.common.pki.KeyConfig

public final class KeyConfig
extends Object

Configuration of keystore, certificates and keys. This class is not RSA specific, though it is tested with RSA keys only.

Can be either built through a builder, or loaded from configuration.

Full configuration example (this class can be used to wrap either of: private key, public key, public key certificate, and certification chain, and a list of certificates):

 # path to keystore (mandatory when loaded from config)
 keystore.resource.path = "src/test/resources/keystore.p12"
 # Keystore type
 # PKCS12 or JKS
 # defaults to jdk default (PKCS12 for latest JDK)
 keystore-type = "JKS"
 # password of the keystore (optional, defaults to empty)
 keystore-passphrase = "password"
 # alias of the certificate to get public key from (mandatory if public key is needed or public cert is needed)
 cert-alias = "service_cert"
 # alias of the key to sign request (mandatory if private key is needed)
 key-alias = "myPrivateKey"
 # password of the private key (usually the same as keystore - that's how openssl does it)
 # also defaults to keystore-passphrase
 key-passphrase = "password"
 # certification chain - will add certificates from this cert chain
 cert-chain = "alias1"
 # path to PEM file with a private key. May be encrypted, though only with PCKS#8. To get the correct format (e.g. from
 # openssl generated encrypted private key), use the following command:
 # openssl pkcs8 -topk8 -in ./id_rsa -out ./id_rsa.p8
 key-path = "path/to/private/key"
 # path to PEM file with certificate chain (may contain more than one certificate)
 cert-chain-path = "path/to/cert/chain/path"

Nested Class Summary

Nested Classes
Modifier and Type	Class	Description
`static class`	`KeyConfig.Builder`	Fluent API builder for `KeyConfig`.
`static class`	`KeyConfig.KeystoreBuilder`	Builder for resources from a java keystore (PKCS12, JKS etc.).
`static class`	`KeyConfig.PemBuilder`	Builder for PEM files - accepts private key and certificate chain.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`List<X509Certificate>`	`certChain()`	The X.509 Certificate Chain.
`List<X509Certificate>`	`certs()`	The X.509 Certificates.
`static KeyConfig`	`create(Config config)`	Load key config from config.
`static KeyConfig.Builder`	`fullBuilder()`	Creates a new builder to configure instance.
`static KeyConfig.KeystoreBuilder`	`keystoreBuilder()`	Build this instance from a java keystore (such as PKCS12 keystore).
`static KeyConfig.PemBuilder`	`pemBuilder()`	Build this instance from PEM files (usually a pair of private key and certificate chain).
`Optional<PrivateKey>`	`privateKey()`	The private key of this config if configured.
`Optional<X509Certificate>`	`publicCert()`	The public X.509 Certificate if configured.
`Optional<PublicKey>`	`publicKey()`	The public key of this config if configured.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - create
```
public static KeyConfig create(Config config)
                        throws PkiException
```
    Load key config from config.
    
    Parameters:
    
    config - config instance located at keys configuration (expects "keystore-path" child)
    
    Returns:
    
    KeyConfig loaded from config
    
    Throws:
    
    PkiException - when keys or certificates fail to load from keystore or when misconfigured
  - fullBuilder
```
public static KeyConfig.Builder fullBuilder()
```
    Creates a new builder to configure instance.
    
    Returns:
    
    builder instance
  - pemBuilder
```
public static KeyConfig.PemBuilder pemBuilder()
```
    Build this instance from PEM files (usually a pair of private key and certificate chain). Call KeyConfig.PemBuilder.build() to build the instance. If you need to add additional information to KeyConfig, use KeyConfig.PemBuilder.toFullBuilder().
    
    Returns:
    
    builder for PEM files
  - keystoreBuilder
```
public static KeyConfig.KeystoreBuilder keystoreBuilder()
```
    Build this instance from a java keystore (such as PKCS12 keystore). Call KeyConfig.KeystoreBuilder.build() to build the instance. If you need to add additional information to KeyConfig, use KeyConfig.PemBuilder.toFullBuilder().
    
    Returns:
    
    builder for Keystore
  - publicKey
```
public Optional<PublicKey> publicKey()
```
    The public key of this config if configured.
    
    Returns:
    
    the public key of this config or empty if not configured
  - privateKey
```
public Optional<PrivateKey> privateKey()
```
    The private key of this config if configured.
    
    Returns:
    
    the private key of this config or empty if not configured
  - publicCert
```
public Optional<X509Certificate> publicCert()
```
    The public X.509 Certificate if configured.
    
    Returns:
    
    the public certificate of this config or empty if not configured
  - certChain
```
public List<X509Certificate> certChain()
```
    The X.509 Certificate Chain.
    
    Returns:
    
    the certificate chain or empty list if not configured
  - certs
```
public List<X509Certificate> certs()
```
    The X.509 Certificates.
    
    Returns:
    
    the certificates configured or empty list if none configured

Class KeyConfig

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Method Detail

create

fullBuilder

pemBuilder

keystoreBuilder

publicKey

privateKey

publicCert

certChain

certs