Class CertificateDataReplaceCertificateKeyStoreContent
- java.lang.Object
-
- com.unboundid.ldap.sdk.unboundidds.extensions.ReplaceCertificateKeyStoreContent
-
- com.unboundid.ldap.sdk.unboundidds.extensions.CertificateDataReplaceCertificateKeyStoreContent
-
- All Implemented Interfaces:
java.io.Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class CertificateDataReplaceCertificateKeyStoreContent extends ReplaceCertificateKeyStoreContent
This class provides aReplaceCertificateKeyStoreContent
implementation to indicate that the certificate chain and private key (in either PEM or DER format) are provided directly in the extended request.
NOTE: This class, and other classes within the
com.unboundid.ldap.sdk.unboundidds
package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors Constructor Description CertificateDataReplaceCertificateKeyStoreContent(java.util.List<byte[]> certificateChainData, byte[] privateKeyData)
Creates a new instance of this key store content object with the provided information.CertificateDataReplaceCertificateKeyStoreContent(java.util.List<java.io.File> certificateChainFiles, java.io.File privateKeyFile)
Creates a new instance of this key store content object with the provided information.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description ASN1Element
encode()
Encodes this key store content object to an ASN.1 element suitable for inclusion in either a replace listener certificate or replace inter-server certificate request.java.util.List<byte[]>
getCertificateChainData()
Retrieves a list of the DER-formatted or PEM-formatted representations of the X.509 certificates in the new certificate chain.byte[]
getPrivateKeyData()
Retrieves the DER-formatted or PEM-formatted PKCS #8 private key for the new certificate, if available.static java.util.List<byte[]>
readCertificateChain(java.io.File... files)
Reads a certificate chain from the given file or set of files.static java.util.List<byte[]>
readCertificateChain(java.util.List<java.io.File> files)
Reads a certificate chain from the given file or set of files.static byte[]
readPrivateKey(java.io.File file)
Reads a PKCS #8 private key from the given file.void
toString(java.lang.StringBuilder buffer)
Appends a string representation of this key store content object to the provided buffer.-
Methods inherited from class com.unboundid.ldap.sdk.unboundidds.extensions.ReplaceCertificateKeyStoreContent
decode, toString
-
-
-
-
Constructor Detail
-
CertificateDataReplaceCertificateKeyStoreContent
public CertificateDataReplaceCertificateKeyStoreContent(@NotNull java.util.List<byte[]> certificateChainData, @Nullable byte[] privateKeyData)
Creates a new instance of this key store content object with the provided information.- Parameters:
certificateChainData
- A list containing the encoded representations of the X.509 certificates in the new certificate chain. Each byte array must contain the PEM or DER representation of a single certificate in the chain, with the first certificate being the end-entity certificate, and each subsequent certificate being the issuer for the previous certificate. This must not benull
or empty.privateKeyData
- An array containing the encoded representation of the PKCS #8 private key for the end-entity certificate in the chain. It may be encoded in either PEM or DER format. This may benull
if the new end-entity certificate uses the same private key as the certificate currently in use in the server.
-
CertificateDataReplaceCertificateKeyStoreContent
public CertificateDataReplaceCertificateKeyStoreContent(@NotNull java.util.List<java.io.File> certificateChainFiles, @Nullable java.io.File privateKeyFile) throws LDAPException
Creates a new instance of this key store content object with the provided information.- Parameters:
certificateChainFiles
- A list containing one or more files from which to read the PEM or DER representations of the X.509 certificates to include in the new certificate chain. The order of the files, and the order of the certificates in each file, should be arranged such that the first certificate read is the end-entity certificate and each subsequent certificate is the issuer for the previous. This must not benull
or empty.privateKeyFile
- A file from which to read the PEM or DER representation of the PKCS #8 private key for the end-entity certificate in the chain. This may benull
if the new end-entity certificate uses the same private key as the certificate currently in use in the server.- Throws:
LDAPException
- If a problem occurs while trying to read or parse data contained in any of the provided files.
-
-
Method Detail
-
readCertificateChain
@NotNull public static java.util.List<byte[]> readCertificateChain(@NotNull java.io.File... files) throws LDAPException
Reads a certificate chain from the given file or set of files. Each file must contain the PEM or DER representations of one or more X.509 certificates. If a file contains multiple certificates, all certificates in that file must be either all PEM-formatted or all DER-formatted.- Parameters:
files
- The set of files from which the certificate chain should be read. It must not benull
or empty.- Returns:
- A list containing the encoded representation of the X.509 certificates read from the file, with each byte array containing the encoded representation for one certificate.
- Throws:
LDAPException
- If a problem was encountered while attempting to read from or parse the content of any of the files.
-
readCertificateChain
@NotNull public static java.util.List<byte[]> readCertificateChain(@NotNull java.util.List<java.io.File> files) throws LDAPException
Reads a certificate chain from the given file or set of files. Each file must contain the PEM or DER representations of one or more X.509 certificates. If a file contains multiple certificates, all certificates in that file must be either all PEM-formatted or all DER-formatted.- Parameters:
files
- The set of files from which the certificate chain should be read. It must not benull
or empty.- Returns:
- A list containing the encoded representation of the X.509 certificates read from the file, with each byte array containing the encoded representation for one certificate.
- Throws:
LDAPException
- If a problem was encountered while attempting to read from or parse the content of any of the files.
-
readPrivateKey
@NotNull public static byte[] readPrivateKey(@NotNull java.io.File file) throws LDAPException
Reads a PKCS #8 private key from the given file. The file must contain the PEM or DER representation of a single private key.- Parameters:
file
- The file from which the private key should be read. It must not benull
.- Returns:
- The encoded representation of the PKCS #8 private key that was read.
- Throws:
LDAPException
- If a problem occurs while trying to read from or parse the content of the specified file.
-
getCertificateChainData
@NotNull public java.util.List<byte[]> getCertificateChainData()
Retrieves a list of the DER-formatted or PEM-formatted representations of the X.509 certificates in the new certificate chain.- Returns:
- A list of the encoded representations of the X.509 certificates in the new certificate chain.
-
getPrivateKeyData
@Nullable public byte[] getPrivateKeyData()
Retrieves the DER-formatted or PEM-formatted PKCS #8 private key for the new certificate, if available.- Returns:
- The encoded representation of the PKCS #8 private key for the new
certificate, or
null
if the new certificate should use the same private key as the current certificate.
-
encode
@NotNull public ASN1Element encode()
Encodes this key store content object to an ASN.1 element suitable for inclusion in either a replace listener certificate or replace inter-server certificate request.- Specified by:
encode
in classReplaceCertificateKeyStoreContent
- Returns:
- The ASN.1 element containing an encoded representation of this key store content object.
-
toString
public void toString(@NotNull java.lang.StringBuilder buffer)
Appends a string representation of this key store content object to the provided buffer.- Specified by:
toString
in classReplaceCertificateKeyStoreContent
- Parameters:
buffer
- The buffer to which the encoded representation should be appended. It must not benull
.
-
-