Package io.vertx.core.net

Class PemKeyCertOptions

  • All Implemented Interfaces:
    KeyCertOptions
    public class PemKeyCertOptions
extends Object
implements KeyCertOptions
    Key store options configuring a list of private key and its certificate based on Privacy-enhanced Electronic Email (PEM) files.

    A key file must contain a non encrypted private key in PKCS8 format wrapped in a PEM block, for example: 

     -----BEGIN PRIVATE KEY-----
 MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDV6zPk5WqLwS0a
 ...
 K5xBhtm1AhdnZjx5KfW3BecE
 -----END PRIVATE KEY-----

    Or contain a non encrypted private key in PKCS1 format wrapped in a PEM block, for example: 

     -----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEAlO4gbHeFb/fmbUF/tOJfNPJumJUEqgzAzx8MBXv9Acyw9IRa
 ...
 zJ14Yd+t2fsLYVs2H0gxaA4DW6neCzgY3eKpSU0EBHUCFSXp/1+/
 -----END RSA PRIVATE KEY-----

    A certificate file must contain an X.509 certificate wrapped in a PEM block, for example: 

     -----BEGIN CERTIFICATE-----
 MIIDezCCAmOgAwIBAgIEZOI/3TANBgkqhkiG9w0BAQsFADBuMRAwDgYDVQQGEwdV
 ...
 +tmLSvYS39O2nqIzzAUfztkYnUlZmB0l/mKkVqbGJA==
 -----END CERTIFICATE-----
    Keys and certificates can either be loaded by Vert.x from the filesystem: 

     HttpServerOptions options = new HttpServerOptions();
 options.setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("/mykey.pem").setCertPath("/mycert.pem"));
    Or directly provided as a buffer:

     Buffer key = vertx.fileSystem().readFileBlocking("/mykey.pem");
 Buffer cert = vertx.fileSystem().readFileBlocking("/mycert.pem");
 options.setPemKeyCertOptions(new PemKeyCertOptions().setKeyValue(key).setCertValue(cert));
    Several key/certificate pairs can be used: 

     HttpServerOptions options = new HttpServerOptions();
 options.setPemKeyCertOptions(new PemKeyCertOptions()
    .addKeyPath("/mykey1.pem").addCertPath("/mycert1.pem")
    .addKeyPath("/mykey2.pem").addCertPath("/mycert2.pem"));
    Author:
    Julien Viet, Tim Fox

    • Constructor Detail

      • PemKeyCertOptions

        public PemKeyCertOptions()
        Default constructor

      • PemKeyCertOptions

        public PemKeyCertOptions​(PemKeyCertOptions other)
        Copy constructor
        Parameters:
        other - the options to copy

      • PemKeyCertOptions

        public PemKeyCertOptions​(JsonObject json)
        Create options from JSON
        Parameters:
        json - the JSON

    • Method Detail

      • toJson

        public JsonObject toJson()
        Convert to JSON
        Returns:
        the JSON

      • getKeyPath

        public String getKeyPath()
        Get the path to the first key file
        Returns:
        the path to the key file

      • setKeyPath

        public PemKeyCertOptions setKeyPath​(String keyPath)
        Set the path of the first key file, replacing the keys paths
        Parameters:
        keyPath - the path to the first key file
        Returns:
        a reference to this, so the API can be used fluently

      • getKeyPaths

        public List<String> getKeyPaths()
        Get all the paths to the key files
        Returns:
        the paths to the keys files

      • setKeyPaths

        public PemKeyCertOptions setKeyPaths​(List<String> keyPaths)
        Set all the paths to the keys files
        Parameters:
        keyPaths - the paths to the keys files
        Returns:
        a reference to this, so the API can be used fluently

      • addKeyPath

        public PemKeyCertOptions addKeyPath​(String keyPath)
        Add a path to a key file
        Parameters:
        keyPath - the path to the key file
        Returns:
        a reference to this, so the API can be used fluently

      • getKeyValue

        public Buffer getKeyValue()
        Get the first key as a buffer
        Returns:
        the first key as a buffer

      • setKeyValue

        public PemKeyCertOptions setKeyValue​(Buffer keyValue)
        Set the first key a a buffer, replacing the previous keys buffers
        Parameters:
        keyValue - key as a buffer
        Returns:
        a reference to this, so the API can be used fluently

      • getKeyValues

        public List<Buffer> getKeyValues()
        Get all the keys as a list of buffer
        Returns:
        keys as a list of buffers

      • setKeyValues

        public PemKeyCertOptions setKeyValues​(List<Buffer> keyValues)
        Set all the keys as a list of buffer
        Parameters:
        keyValues - the keys as a list of buffer
        Returns:
        a reference to this, so the API can be used fluently

      • addKeyValue

        public PemKeyCertOptions addKeyValue​(Buffer keyValue)
        Add a key as a buffer
        Parameters:
        keyValue - the key to add
        Returns:
        a reference to this, so the API can be used fluently

      • getCertPath

        public String getCertPath()
        Get the path to the first certificate file
        Returns:
        the path to the certificate file

      • setCertPath

        public PemKeyCertOptions setCertPath​(String certPath)
        Set the path of the first certificate, replacing the previous certificates paths
        Parameters:
        certPath - the path to the certificate
        Returns:
        a reference to this, so the API can be used fluently

      • getCertPaths

        public List<String> getCertPaths()
        Get all the paths to the certificates files
        Returns:
        the paths to the certificates files

      • setCertPaths

        public PemKeyCertOptions setCertPaths​(List<String> certPaths)
        Set all the paths to the certificates files
        Parameters:
        certPaths - the paths to the certificates files
        Returns:
        a reference to this, so the API can be used fluently

      • addCertPath

        public PemKeyCertOptions addCertPath​(String certPath)
        Add a path to a certificate file
        Parameters:
        certPath - the path to the certificate file
        Returns:
        a reference to this, so the API can be used fluently

      • getCertValue

        public Buffer getCertValue()
        Get the first certificate as a buffer
        Returns:
        the first certificate as a buffer

      • setCertValue

        public PemKeyCertOptions setCertValue​(Buffer certValue)
        Set the first certificate as a buffer, replacing the previous certificates buffers
        Parameters:
        certValue - the first certificate as a buffer
        Returns:
        a reference to this, so the API can be used fluently

      • getCertValues

        public List<Buffer> getCertValues()
        Get all the certificates as a list of buffer
        Returns:
        certificates as a list of buffers

      • setCertValues

        public PemKeyCertOptions setCertValues​(List<Buffer> certValues)
        Set all the certificates as a list of buffer
        Parameters:
        certValues - the certificates as a list of buffer
        Returns:
        a reference to this, so the API can be used fluently

      • addCertValue

        public PemKeyCertOptions addCertValue​(Buffer certValue)
        Add a certificate as a buffer
        Parameters:
        certValue - the certificate to add
        Returns:
        a reference to this, so the API can be used fluently

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object

      • getHelper

        public io.vertx.core.net.impl.KeyStoreHelper getHelper​(Vertx vertx)
                                                throws Exception
        Throws:
        Exception

      • loadKeyStore

        public KeyStore loadKeyStore​(Vertx vertx)
                      throws Exception
        Load and return a Java keystore.
        Parameters:
        vertx - the vertx instance
        Returns:
        the KeyStore
        Throws:
        Exception

      • getKeyManagerFactory

        public KeyManagerFactory getKeyManagerFactory​(Vertx vertx)
                                       throws Exception
        Description copied from interface: KeyCertOptions
        Create and return the key manager factory for these options.

        The returned key manager factory should be already initialized and ready to use.

        Specified by:
        getKeyManagerFactory in interface KeyCertOptions
        Parameters:
        vertx - the vertx instance
        Returns:
        the key manager factory
        Throws:
        Exception

      • keyManagerFactoryMapper

        public java.util.function.Function<String,​KeyManagerFactory> keyManagerFactoryMapper​(Vertx vertx)
                                                                                    throws Exception
        Description copied from interface: KeyCertOptions
        Returns a function that maps SNI server names to KeyManagerFactory instance. The returned KeyManagerFactory must satisfies these rules:
        • The store private key must match the indicated server name for a null alias.
        • The store certificate chain must match the indicated server name for a null alias.
        The mapper is only used when the server has SNI enabled and the client indicated a server name.

        The returned function may return null in which case the default key manager provided by KeyCertOptions.getKeyManagerFactory(Vertx) will be used.

        Specified by:
        keyManagerFactoryMapper in interface KeyCertOptions
        Throws:
        Exception