Class GlobusSSLHelper

java.lang.Object
org.globus.gsi.jsse.GlobusSSLHelper

public final class GlobusSSLHelper extends Object
This is a utility class designed to simplify common tasks required for configuring the globus ssl support.
Since:
1.0
Version:
1.0
  • Method Details

    • buildTrustStore

      public static KeyStore buildTrustStore(String provider, String trustAnchorStoreType, String trustAnchorStoreLocation, String trustAnchorStorePassword) throws GlobusSSLConfigurationException
      Create a trust store using the supplied details. Java SSL requires the trust store to be supplied as a java.security.KeyStore, so this will create a KeyStore containing all of the Trust Anchors.
      Parameters:
      provider - The Java security provider to use.
      trustAnchorStoreType - The type of key store to be constructed.
      trustAnchorStoreLocation - The location of the trust store file
      trustAnchorStorePassword - The password for the trust store.
      Returns:
      A configured Keystore which holds TrustAnchors. Note that this holds trusted certificates, not keys/credentials
      Throws:
      GlobusSSLConfigurationException - If unable to construct the TrustStore.
    • findCredentialStore

      public static KeyStore findCredentialStore(String provider, String credentialStoreType, String credentialStoreLocation, String credentialStorePassword) throws GlobusSSLConfigurationException
      Create a configured CredentialStore using the supplied parameters. The credential store is a java.security.KeyStore.
      Parameters:
      provider - The Java security provider to use.
      credentialStoreType - The type of key store to be constructed.
      credentialStoreLocation - The location of the credential store file
      credentialStorePassword - The password for the credential store.
      Returns:
      A configured Keystore which holds credentials defined by these parameters.
      Throws:
      GlobusSSLConfigurationException - If unable to construct the Credential Store.
    • findCRLStore

      public static CertStore findCRLStore(String crlPattern) throws GlobusSSLConfigurationException
      Create a store of Certificate Revocation Lists. Java requires that this be a java.security.certificates.CertStore. As such, the store can hold both CRL's and non-trusted certs. For the purposes of this method, we assume that only crl's will be loaded. This can only be used with the Globus provided Certificate Store.
      Parameters:
      crlPattern - The pattern which defines the locations of the CRL's
      Returns:
      A configured Java CertStore containing the specified CRL's
      Throws:
      GlobusSSLConfigurationException - if the store cannot be loaded.