Class GlobusSSLHelper


  • public final class GlobusSSLHelper
    extends Object
    This is a utility class designed to simplify common tasks required for configuring the globus ssl support.
    Since:
    1.0
    Version:
    1.0
    • Method Detail

      • buildTrustStore

        public static KeyStore buildTrustStore​(String provider,
                                               String trustAnchorStoreType,
                                               String trustAnchorStoreLocation,
                                               String trustAnchorStorePassword)
                                        throws GlobusSSLConfigurationException
        Create a trust store using the supplied details. Java SSL requires the trust store to be supplied as a java.security.KeyStore, so this will create a KeyStore containing all of the Trust Anchors.
        Parameters:
        provider - The Java security provider to use.
        trustAnchorStoreType - The type of key store to be constructed.
        trustAnchorStoreLocation - The location of the trust store file
        trustAnchorStorePassword - The password for the trust store.
        Returns:
        A configured Keystore which holds TrustAnchors. Note that this holds trusted certificates, not keys/credentials
        Throws:
        GlobusSSLConfigurationException - If unable to construct the TrustStore.
      • findCredentialStore

        public static KeyStore findCredentialStore​(String provider,
                                                   String credentialStoreType,
                                                   String credentialStoreLocation,
                                                   String credentialStorePassword)
                                            throws GlobusSSLConfigurationException
        Create a configured CredentialStore using the supplied parameters. The credential store is a java.security.KeyStore.
        Parameters:
        provider - The Java security provider to use.
        credentialStoreType - The type of key store to be constructed.
        credentialStoreLocation - The location of the credential store file
        credentialStorePassword - The password for the credential store.
        Returns:
        A configured Keystore which holds credentials defined by these parameters.
        Throws:
        GlobusSSLConfigurationException - If unable to construct the Credential Store.
      • findCRLStore

        public static CertStore findCRLStore​(String crlPattern)
                                      throws GlobusSSLConfigurationException
        Create a store of Certificate Revocation Lists. Java requires that this be a java.security.certificates.CertStore. As such, the store can hold both CRL's and non-trusted certs. For the purposes of this method, we assume that only crl's will be loaded. This can only be used with the Globus provided Certificate Store.
        Parameters:
        crlPattern - The pattern which defines the locations of the CRL's
        Returns:
        A configured Java CertStore containing the specified CRL's
        Throws:
        GlobusSSLConfigurationException - if the store cannot be loaded.