Module io.helidon.common.pki
Package io.helidon.common.pki

Class KeyConfig.KeystoreBuilder

java.lang.Object
io.helidon.common.pki.KeyConfig.KeystoreBuilder
All Implemented Interfaces:
Builder<KeyConfig.Builder,KeyConfig>, Supplier<KeyConfig>
Enclosing class:
KeyConfig
public static final class KeyConfig.KeystoreBuilder extends Object implements Builder<KeyConfig.Builder,KeyConfig>
Builder for resources from a java keystore (PKCS12, JKS etc.). Obtain an instance through KeyConfig.keystoreBuilder().

  • Method Details

    • trustStore

      public KeyConfig.KeystoreBuilder trustStore()
      If you want to build a trust store, call this method to add all certificates present in the keystore to certificate list.
      Returns:
      updated builder instance

    • addCertAlias

      public KeyConfig.KeystoreBuilder addCertAlias(String alias)
      Add an alias to list of aliases used to generate a trusted set of certificates.
      Parameters:
      alias - alias of a certificate
      Returns:
      updated builder instance

    • keystore

      public KeyConfig.KeystoreBuilder keystore(Resource keystore)
      Keystore resource definition.
      Parameters:
      keystore - keystore resource, from file path, classpath, URL etc.
      Returns:
      updated builder instance

    • keystoreType

      public KeyConfig.KeystoreBuilder keystoreType(String keystoreType)
      Set type of keystore. Defaults to "PKCS12", expected are other keystore types supported by java then can store keys under aliases.
      Parameters:
      keystoreType - keystore type to load the key
      Returns:
      updated builder instance

    • keystorePassphrase

      public KeyConfig.KeystoreBuilder keystorePassphrase(char[] keystorePassphrase)
      Pass-phrase of the keystore (supported with JKS and PKCS12 keystores).
      Parameters:
      keystorePassphrase - keystore pass-phrase
      Returns:
      updated builder instance

    • keystorePassphrase

      public KeyConfig.KeystoreBuilder keystorePassphrase(String keystorePassword)
      Pass-phrase of the keystore (supported with JKS and PKCS12 keystores).
      Parameters:
      keystorePassword - keystore password to use, calls keystorePassphrase(char[])
      Returns:
      updated builder instance

    • keyAlias

      public KeyConfig.KeystoreBuilder keyAlias(String keyAlias)
      Alias of the private key in the keystore.
      Parameters:
      keyAlias - alias of the key in the keystore
      Returns:
      updated builder instance

    • certAlias

      public KeyConfig.KeystoreBuilder certAlias(String alias)
      Alias of X.509 certificate of public key. Used to load both the certificate and public key.
      Parameters:
      alias - alias under which the certificate is stored in the keystore
      Returns:
      updated builder instance

    • certChainAlias

      public KeyConfig.KeystoreBuilder certChainAlias(String alias)
      Alias of an X.509 chain.
      Parameters:
      alias - alias of certificate chain in the keystore
      Returns:
      updated builder instance

    • keyPassphrase

      public KeyConfig.KeystoreBuilder keyPassphrase(char[] privateKeyPassphrase)
      Pass-phrase of the key in the keystore (used for private keys). This is (by default) the same as keystore passphrase - only configure if it differs from keystore passphrase.
      Parameters:
      privateKeyPassphrase - pass-phrase of the key
      Returns:
      updated builder instance

    • keyPassphrase

      public KeyConfig.KeystoreBuilder keyPassphrase(String privateKeyPassphrase)
      Pass-phrase of the key in the keystore (used for private keys). This is (by default) the same as keystore passphrase - only configure if it differs from keystore passphrase.
      Parameters:
      privateKeyPassphrase - pass-phrase of the key
      Returns:
      updated builder instance

    • build

      public KeyConfig build()
      Create an instance of KeyConfig based on this builder.
      Specified by:
      build in interface Builder<KeyConfig.Builder,KeyConfig>
      Returns:
      new key config based on a keystore

    • toFullBuilder

      public KeyConfig.Builder toFullBuilder()
      Create a builder for KeyConfig from this keystore builder. This allows you to enhance the config with additional (explicit) fields.
      Returns:
      builder of KeyConfig

    • config

      public KeyConfig.KeystoreBuilder config(Config config)
      Update this builder from configuration. The following keys are expected under key keystore:
      • resource: resource configuration as understood by Resource
      • type: type of keystore (defaults to PKCS12)
      • passphrase: passphrase of keystore, if required
      • key.alias: alias of private key, if wanted (defaults to "1")
      • key.passphrase: passphrase of private key if differs from keystore passphrase
      • cert.alias: alias of public certificate (to obtain public key)
      • cert-chain.alias: alias of certificate chain
      • trust-store: true if this is a trust store (and we should load all certificates from it), defaults to false
      Parameters:
      config - configuration instance
      Returns:
      updated builder instance