Class PemKeyCertOptions

java.lang.Object
io.vertx.core.net.PemKeyCertOptions
All Implemented Interfaces:
KeyCertOptions
public class PemKeyCertOptions extends Object implements KeyCertOptions
Key store options configuring a list of private key and its certificate based on Privacy-enhanced Electronic Email (PEM) files.

A key file must contain a non encrypted private key in PKCS8 format wrapped in a PEM block, for example: 

-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDV6zPk5WqLwS0a
...
K5xBhtm1AhdnZjx5KfW3BecE
-----END PRIVATE KEY-----

Or contain a non encrypted private key in PKCS1 format wrapped in a PEM block, for example: 

-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAlO4gbHeFb/fmbUF/tOJfNPJumJUEqgzAzx8MBXv9Acyw9IRa
...
zJ14Yd+t2fsLYVs2H0gxaA4DW6neCzgY3eKpSU0EBHUCFSXp/1+/
-----END RSA PRIVATE KEY-----

A certificate file must contain an X.509 certificate wrapped in a PEM block, for example: 

-----BEGIN CERTIFICATE-----
MIIDezCCAmOgAwIBAgIEZOI/3TANBgkqhkiG9w0BAQsFADBuMRAwDgYDVQQGEwdV
...
+tmLSvYS39O2nqIzzAUfztkYnUlZmB0l/mKkVqbGJA==
-----END CERTIFICATE-----
Keys and certificates can either be loaded by Vert.x from the filesystem: 

HttpServerOptions options = new HttpServerOptions();
options.setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("/mykey.pem").setCertPath("/mycert.pem"));
Or directly provided as a buffer:

Buffer key = vertx.fileSystem().readFileBlocking("/mykey.pem");
Buffer cert = vertx.fileSystem().readFileBlocking("/mycert.pem");
options.setPemKeyCertOptions(new PemKeyCertOptions().setKeyValue(key).setCertValue(cert));
Several key/certificate pairs can be used: 

HttpServerOptions options = new HttpServerOptions();
options.setPemKeyCertOptions(new PemKeyCertOptions()
   .addKeyPath("/mykey1.pem").addCertPath("/mycert1.pem")
   .addKeyPath("/mykey2.pem").addCertPath("/mycert2.pem"));
Author:
Julien Viet, Tim Fox

  • Constructor Details

    • PemKeyCertOptions

      public PemKeyCertOptions()
      Default constructor

    • PemKeyCertOptions

      public PemKeyCertOptions(PemKeyCertOptions other)
      Copy constructor
      Parameters:
      other - the options to copy

    • PemKeyCertOptions

      public PemKeyCertOptions(JsonObject json)
      Create options from JSON
      Parameters:
      json - the JSON

  • Method Details

    • toJson

      public JsonObject toJson()
      Convert to JSON
      Returns:
      the JSON

    • getKeyPath

      public String getKeyPath()
      Get the path to the first key file
      Returns:
      the path to the key file

    • setKeyPath

      public PemKeyCertOptions setKeyPath(String keyPath)
      Set the path of the first key file, replacing the keys paths
      Parameters:
      keyPath - the path to the first key file
      Returns:
      a reference to this, so the API can be used fluently

    • getKeyPaths

      public List<String> getKeyPaths()
      Get all the paths to the key files
      Returns:
      the paths to the keys files

    • setKeyPaths

      public PemKeyCertOptions setKeyPaths(List<String> keyPaths)
      Set all the paths to the keys files
      Parameters:
      keyPaths - the paths to the keys files
      Returns:
      a reference to this, so the API can be used fluently

    • addKeyPath

      public PemKeyCertOptions addKeyPath(String keyPath)
      Add a path to a key file
      Parameters:
      keyPath - the path to the key file
      Returns:
      a reference to this, so the API can be used fluently

    • getKeyValue

      public Buffer getKeyValue()
      Get the first key as a buffer
      Returns:
      the first key as a buffer

    • setKeyValue

      public PemKeyCertOptions setKeyValue(Buffer keyValue)
      Set the first key a a buffer, replacing the previous keys buffers
      Parameters:
      keyValue - key as a buffer
      Returns:
      a reference to this, so the API can be used fluently

    • getKeyValues

      public List<Buffer> getKeyValues()
      Get all the keys as a list of buffer
      Returns:
      keys as a list of buffers

    • setKeyValues

      public PemKeyCertOptions setKeyValues(List<Buffer> keyValues)
      Set all the keys as a list of buffer
      Parameters:
      keyValues - the keys as a list of buffer
      Returns:
      a reference to this, so the API can be used fluently

    • addKeyValue

      public PemKeyCertOptions addKeyValue(Buffer keyValue)
      Add a key as a buffer
      Parameters:
      keyValue - the key to add
      Returns:
      a reference to this, so the API can be used fluently

    • getCertPath

      public String getCertPath()
      Get the path to the first certificate file
      Returns:
      the path to the certificate file

    • setCertPath

      public PemKeyCertOptions setCertPath(String certPath)
      Set the path of the first certificate, replacing the previous certificates paths
      Parameters:
      certPath - the path to the certificate
      Returns:
      a reference to this, so the API can be used fluently

    • getCertPaths

      public List<String> getCertPaths()
      Get all the paths to the certificates files
      Returns:
      the paths to the certificates files

    • setCertPaths

      public PemKeyCertOptions setCertPaths(List<String> certPaths)
      Set all the paths to the certificates files
      Parameters:
      certPaths - the paths to the certificates files
      Returns:
      a reference to this, so the API can be used fluently

    • addCertPath

      public PemKeyCertOptions addCertPath(String certPath)
      Add a path to a certificate file
      Parameters:
      certPath - the path to the certificate file
      Returns:
      a reference to this, so the API can be used fluently

    • getCertValue

      public Buffer getCertValue()
      Get the first certificate as a buffer
      Returns:
      the first certificate as a buffer

    • setCertValue

      public PemKeyCertOptions setCertValue(Buffer certValue)
      Set the first certificate as a buffer, replacing the previous certificates buffers
      Parameters:
      certValue - the first certificate as a buffer
      Returns:
      a reference to this, so the API can be used fluently

    • getCertValues

      public List<Buffer> getCertValues()
      Get all the certificates as a list of buffer
      Returns:
      certificates as a list of buffers

    • setCertValues

      public PemKeyCertOptions setCertValues(List<Buffer> certValues)
      Set all the certificates as a list of buffer
      Parameters:
      certValues - the certificates as a list of buffer
      Returns:
      a reference to this, so the API can be used fluently

    • addCertValue

      public PemKeyCertOptions addCertValue(Buffer certValue)
      Add a certificate as a buffer
      Parameters:
      certValue - the certificate to add
      Returns:
      a reference to this, so the API can be used fluently

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • copy

      public PemKeyCertOptions copy()
      Specified by:
      copy in interface KeyCertOptions
      Returns:
      a copy of these options

    • getHelper

      public io.vertx.core.net.impl.KeyStoreHelper getHelper(Vertx vertx) throws Exception
      Throws:
      Exception

    • loadKeyStore

      public KeyStore loadKeyStore(Vertx vertx) throws Exception
      Load and return a Java keystore.
      Parameters:
      vertx - the vertx instance
      Returns:
      the KeyStore
      Throws:
      Exception

    • getKeyManagerFactory

      public KeyManagerFactory getKeyManagerFactory(Vertx vertx) throws Exception
      Description copied from interface: KeyCertOptions
      Create and return the key manager factory for these options.

      The returned key manager factory should be already initialized and ready to use.

      Specified by:
      getKeyManagerFactory in interface KeyCertOptions
      Parameters:
      vertx - the vertx instance
      Returns:
      the key manager factory
      Throws:
      Exception

    • keyManagerFactoryMapper

      public Function<String, KeyManagerFactory> keyManagerFactoryMapper(Vertx vertx) throws Exception
      Description copied from interface: KeyCertOptions
      Returns a function that maps SNI server names to KeyManagerFactory instance. The returned KeyManagerFactory must satisfies these rules:
      • The store private key must match the indicated server name for a null alias.
      • The store certificate chain must match the indicated server name for a null alias.
      The mapper is only used when the server has SNI enabled and the client indicated a server name.

      The returned function may return null in which case the default key manager provided by KeyCertOptions.getKeyManagerFactory(Vertx) will be used.

      Specified by:
      keyManagerFactoryMapper in interface KeyCertOptions
      Throws:
      Exception