Class OpensslTrustAnchorStoreImpl
java.lang.Object
eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
eu.emi.security.authn.x509.helpers.trust.TimedTrustAnchorStoreBase
eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
eu.emi.security.authn.x509.helpers.trust.OpensslTrustAnchorStoreImpl
- All Implemented Interfaces:
OpensslTrustAnchorStore,TrustAnchorStore
public class OpensslTrustAnchorStoreImpl
extends DirectoryTrustAnchorStore
implements OpensslTrustAnchorStore
Implementation of the truststore which uses CA certificates from a single directory
in OpenSSL format. Each certificate should be stored in a file named HASH.NUM,
where HASH is an 8 digit hex number. The NUM must be a number, starting from 0.
The hash can be either of openssl pre 1.0.0 version
(with 8 least significant digits of the MD5 hash of the certificate subject in DER format)
or in openssl 1.0.0 and above format (SHA1 hash of specially normalized DN). The class is configured
to use one or another, never both.
This class is extending the DirectoryTrustAnchorStore and restricts
the certificates which are loaded.
- Author:
- K. Benedyczak
-
Field Summary
FieldsFields inherited from class eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
anchors, encodingFields inherited from class eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
observers -
Constructor Summary
ConstructorsConstructorDescriptionOpensslTrustAnchorStoreImpl(String basePath, Timer t, long updateInterval, boolean loadGlobusNs, boolean loadEuGridPmaNs, ObserversHandler observers, boolean openssl1Mode) -
Method Summary
Modifier and TypeMethodDescriptionprotected voidreloadCerts(Collection<URL> locations) For all URLs tries to load a CA cert and namespacesprotected booleantryLoadCert(URL location, Set<TrustAnchorExt> tmpAnchors) Methods inherited from class eu.emi.security.authn.x509.helpers.trust.DirectoryTrustAnchorStore
getCacheDir, getConnTimeout, getEncoding, getLocations, getTrustAnchors, getTrustedCertificates, loadCerts, updateMethods inherited from class eu.emi.security.authn.x509.helpers.trust.TimedTrustAnchorStoreBase
dispose, scheduleUpdate, setUpdateIntervalMethods inherited from class eu.emi.security.authn.x509.helpers.trust.AbstractTrustAnchorStore
checkValidity, getUpdateIntervalMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface eu.emi.security.authn.x509.helpers.trust.TrustAnchorStore
dispose, getTrustAnchors, getTrustedCertificates, getUpdateInterval, setUpdateInterval
-
Field Details
-
CERT_WILDCARD
- See Also:
-
-
Constructor Details
-
OpensslTrustAnchorStoreImpl
public OpensslTrustAnchorStoreImpl(String basePath, Timer t, long updateInterval, boolean loadGlobusNs, boolean loadEuGridPmaNs, ObserversHandler observers, boolean openssl1Mode)
-
-
Method Details
-
reloadCerts
For all URLs tries to load a CA cert and namespaces- Overrides:
reloadCertsin classDirectoryTrustAnchorStore- Parameters:
locations- a collection of URLs
-
tryLoadCert
-
getPmaNsStore
- Specified by:
getPmaNsStorein interfaceOpensslTrustAnchorStore
-
getGlobusNsStore
- Specified by:
getGlobusNsStorein interfaceOpensslTrustAnchorStore
-