Package org.apache.activemq.artemis.core.remoting.impl.ssl

Class SSLSupport

  • public class SSLSupport
extends Object
    Please note, this class supports PKCS#11 keystores, but there are no specific tests in the ActiveMQ Artemis test-suite to validate/verify this works because this requires a functioning PKCS#11 provider which is not available by default (see java.security.Security#getProviders()). The main thing to keep in mind is that PKCS#11 keystores will either use null, and empty string, or NONE for their keystore path.

    • Constructor Detail

      • SSLSupport

        public SSLSupport()

    • Method Detail

      • getKeystoreProvider

        public String getKeystoreProvider()

      • setKeystoreProvider

        public SSLSupport setKeystoreProvider​(String keystoreProvider)

      • getKeystoreType

        public String getKeystoreType()

      • getKeystorePath

        public String getKeystorePath()

      • getKeystorePassword

        public String getKeystorePassword()

      • setKeystorePassword

        public SSLSupport setKeystorePassword​(String keystorePassword)

      • getTruststoreProvider

        public String getTruststoreProvider()

      • setTruststoreProvider

        public SSLSupport setTruststoreProvider​(String truststoreProvider)

      • getTruststoreType

        public String getTruststoreType()

      • setTruststoreType

        public SSLSupport setTruststoreType​(String truststoreType)

      • getTruststorePath

        public String getTruststorePath()

      • setTruststorePath

        public SSLSupport setTruststorePath​(String truststorePath)

      • getTruststorePassword

        public String getTruststorePassword()

      • setTruststorePassword

        public SSLSupport setTruststorePassword​(String truststorePassword)

      • getCrlPath

        public String getCrlPath()

      • getSslProvider

        public String getSslProvider()

      • isTrustAll

        public boolean isTrustAll()

      • setTrustAll

        public SSLSupport setTrustAll​(boolean trustAll)

      • getTrustManagerFactoryPlugin

        public String getTrustManagerFactoryPlugin()

      • setTrustManagerFactoryPlugin

        public SSLSupport setTrustManagerFactoryPlugin​(String trustManagerFactoryPlugin)

      • createNettyContext

        public io.netty.handler.ssl.SslContext createNettyContext()
                                                   throws Exception
        Throws:
        Exception

      • createNettyClientContext

        public io.netty.handler.ssl.SslContext createNettyClientContext()
                                                         throws Exception
        Throws:
        Exception

      • parseCommaSeparatedListIntoArray

        public static String[] parseCommaSeparatedListIntoArray​(String suites)

      • parseArrayIntoCommandSeparatedList

        public static String parseArrayIntoCommandSeparatedList​(String[] suites)

      • getValidProviderAndType

        public static Pair<String,​String> getValidProviderAndType​(String storeProvider,
                                                                String storeType)
        The changes ARTEMIS-3155 introduced an incompatibility with old clients using the keyStoreProvider and trustStoreProvider URL properties. These old clients use these properties to set the *type* of store (e.g. PKCS12, PKCS11, JKS, JCEKS, etc.), but new clients use these to set the *provider* (as the name implies). This method checks to see if the provider property matches what is expected from old clients and if so returns they proper provider and type properties to use with the new client implementation.
        Parameters:
        storeProvider -
        storeType -
        Returns:
        a Pair<String, String> representing the provider and type to use (in that order)