/**
 * Populates the given keystore from the PEM files referenced by the configuration.
 *
 * <p>Two independent steps are performed, in this order:
 * <ol>
 *   <li>If a CA certificate is configured, it is validated as a file and added to the
 *       keystore. If none is configured but SSL client authentication is requested, the
 *       configuration is rejected, since there would be no CA in this keystore to verify
 *       client certificates against.</li>
 *   <li>If a server certificate is configured, a server key must be configured as well;
 *       both files are validated and added to the keystore.</li>
 * </ol>
 *
 * <p>NOTE(review): {@code getServerKey()} is only read when a server certificate is
 * configured. A 'serverKey' given without a 'serverCert' is therefore silently ignored by
 * this method; consider rejecting that combination so the misconfiguration is noticed.
 *
 * @param keystore keystore to update in place
 * @param pConfig  server configuration supplying the PEM file locations, the server key
 *                 algorithm and the keystore password
 * @throws IllegalArgumentException if client certificate authentication is requested
 *                                  without a CA certificate, or a server certificate is
 *                                  given without a server key
 */
private void updateKeyStoreFromPEM(KeyStore keystore, JolokiaServerConfig pConfig)
        throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException,
               InvalidKeySpecException, InvalidKeyException, NoSuchProviderException,
               SignatureException {

    // Step 1: trust anchor used for verifying client certificates.
    if (pConfig.getCaCert() == null) {
        if (pConfig.useSslClientAuthentication()) {
            throw new IllegalArgumentException(
                "Cannot use client cert authentication if no CA is given with 'caCert'");
        }
    } else {
        KeyStoreUtil.updateWithCaPem(keystore, getAndValidateFile(pConfig.getCaCert(), "CA cert"));
    }

    // Step 2: server identity. Nothing to do when no server certificate is configured.
    if (pConfig.getServerCert() == null) {
        return;
    }

    // The certificate file is validated before the presence of the key is checked.
    File certFile = getAndValidateFile(pConfig.getServerCert(), "server cert");
    if (pConfig.getServerKey() == null) {
        throw new IllegalArgumentException(
            "Cannot use server cert from " + pConfig.getServerCert()
                + " without a provided a key given with 'serverKey'");
    }
    File keyFile = getAndValidateFile(pConfig.getServerKey(), "server key");

    // The keystore password is handed to the helper together with the key material;
    // presumably it protects the private key entry (confirm in KeyStoreUtil).
    KeyStoreUtil.updateWithServerPems(
        keystore,
        certFile,
        keyFile,
        pConfig.getServerKeyAlgorithm(),
        pConfig.getKeystorePassword());
}
/**
 * Builds the keystore holding the server's TLS material.
 *
 * <p>The source is chosen from the configuration:
 * <ul>
 *   <li>If a keystore file is configured, everything is loaded from it. That keystore must
 *       already contain the server certificate and key, and the CA certificate when SSL
 *       client authentication is used. The PEM settings are not consulted in this case.</li>
 *   <li>Otherwise an empty keystore is initialised and filled from the configured PEM files.
 *       If no server certificate is configured, a self-signed server certificate is added
 *       instead.</li>
 * </ul>
 *
 * <p>NOTE(review): with the self-signed fallback, clients have no CA chain against which to
 * verify the server's identity unless they pin or explicitly trust that certificate.
 * Deployments that rely on server authentication should configure 'serverCert' and
 * 'serverKey', or a keystore file.
 *
 * <p>NOTE(review): the "client authentication requires a CA" check visible in
 * {@code updateKeyStoreFromPEM} applies to the PEM path only; whether the keystore-file path
 * performs an equivalent check is not visible here. Confirm in
 * {@code loadKeyStoreFromFile}.
 *
 * @param pConfig server configuration describing the keystore type, file, password and PEM
 *                files
 * @return the initialised keystore
 */
private KeyStore getKeyStore(JolokiaServerConfig pConfig)
        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
               InvalidKeySpecException, InvalidKeyException, NoSuchProviderException,
               SignatureException {

    final char[] storePassword = pConfig.getKeystorePassword();
    final String storePath = pConfig.getKeystore();
    final KeyStore result = KeyStore.getInstance(pConfig.getKeyStoreType());

    if (storePath != null) {
        // A keystore file takes precedence over any PEM configuration.
        loadKeyStoreFromFile(result, storePath, storePassword);
        return result;
    }

    // No keystore file: start from an empty in-memory keystore and add the PEM material.
    result.load(null);
    updateKeyStoreFromPEM(result, pConfig);

    // Without a configured server certificate, fall back to a self-signed one.
    if (pConfig.getServerCert() == null) {
        KeyStoreUtil.updateWithSelfSignedServerCertificate(result);
    }
    return result;
}