Class LetsEncryptDomain

    • Field Detail

      • ID_PKCS12

        public static final java.lang.String ID_PKCS12
        The PKCS#12 identity.
        See Also:
        Constant Field Values
      • ID_PASSWORD

        public static final java.lang.String ID_PASSWORD
        The PKCS#12 identity password.
        See Also:
        Constant Field Values
      • EXPIRE_DAYS

        public static final java.lang.String EXPIRE_DAYS
        The number of days before certificate expiration when a new certificate is requested from Let's Encrypt.
        See Also:
        Constant Field Values
      • TOS_URI

        public static final java.lang.String TOS_URI
        The URI of the Terms-of-Service for Let's Encrypt that has been accepted.
        See Also:
        Constant Field Values
      • TOS_ACCEPT_URI

        public static final java.lang.String TOS_ACCEPT_URI
        The URI of the Terms-of-Service for Let's Encrypt that must be accepted.
        See Also:
        Constant Field Values
      • AUTO_ACCEPT

        public static final java.lang.String AUTO_ACCEPT
        Flag for auto-accept.
        See Also:
        Constant Field Values
      • ALIAS

        public static final java.lang.String ALIAS
        The alias for the certificate.
        See Also:
        Constant Field Values
      • DEFAULT_PASSWORD

        public static final java.lang.String DEFAULT_PASSWORD
        Default password for keystore.
        See Also:
        Constant Field Values
    • Constructor Detail

      • LetsEncryptDomain

        public LetsEncryptDomain()
        Creates the port configuration without a name. The name must be set in all cases using the setPropertyAtom call.
      • LetsEncryptDomain

        public LetsEncryptDomain(Atom atom)
        Creates the port configuration with a name.
        Parameters:
        atom - The name of the property.
    • Method Detail

      • clone

        public LetsEncryptDomain clone()
        Creates a clone of this property. Subclasses override cloning in order to handle their class variables appropriately.
        Overrides:
        clone in class PropCnr
      • onEventSelf

        public void onEventSelf(GEvent event)
        A change of the password or keystore invalidates the existing cached keystore.
        Specified by:
        onEventSelf in interface IGProp<GProp<?>[]>
        Overrides:
        onEventSelf in class GProp<GProp<?>[]>
        Parameters:
        event - The property event.
      • getKeyStorePassword

        public java.lang.String getKeyStorePassword()
        Gets the KeyStore password.
        Returns:
        The password, "changeit" for default.
      • getKeyStore

        public java.security.KeyStore getKeyStore()
                                           throws java.security.KeyStoreException,
                                                  java.security.NoSuchAlgorithmException,
                                                  java.security.cert.CertificateException,
                                                  java.io.IOException
        Gets the KeyStore from a PKCS#12 identity property and password.
        Returns:
        The configured KeyStore, or null if not defined.
        Throws:
        java.security.KeyStoreException - If no Provider supports a KeyStoreSpi implementation for the PKCS#12 type.
        java.security.NoSuchAlgorithmException - If the algorithm used to check the integrity of the KeyStore cannot be found.
        java.security.cert.CertificateException - If any of the certificates in the KeyStore could not be loaded.
        java.io.IOException - If there is an I/O or format problem with the KeyStore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException.
      • getKeyStore

        public java.security.KeyStore getKeyStore(java.lang.StringBuilder pwReturn)
                                           throws java.security.KeyStoreException,
                                                  java.security.NoSuchAlgorithmException,
                                                  java.security.cert.CertificateException,
                                                  java.io.IOException
        Gets the KeyStore from a PKCS#12 identity property and password.
        Parameters:
        pwReturn - A StringBuilder instance that is filled with the password, null for none.
        Returns:
        The configured KeyStore, or null if not defined.
        Throws:
        java.security.KeyStoreException - If no Provider supports a KeyStoreSpi implementation for the PKCS#12 type.
        java.security.NoSuchAlgorithmException - If the algorithm used to check the integrity of the KeyStore cannot be found.
        java.security.cert.CertificateException - If any of the certificates in the KeyStore could not be loaded.
        java.io.IOException - If there is an I/O or format problem with the KeyStore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException.
      • updateIdentity

        public boolean updateIdentity(java.io.File file,
                                      java.lang.String password)
                               throws java.security.UnrecoverableKeyException,
                                      java.io.FileNotFoundException,
                                      java.security.KeyStoreException,
                                      java.security.NoSuchAlgorithmException,
                                      java.security.cert.CertificateException,
                                      java.io.IOException,
                                      PropException
        Updates the PKCS#12 identity from a file.
        Parameters:
        file - The identity file.
        password - The password, null for default "changeit".
        Returns:
        true for changed, false for no change.
        Throws:
        java.io.FileNotFoundException - If the file is not found.
        java.security.NoSuchAlgorithmException - If the algorithm used to check the integrity of the keystore cannot be found.
        java.security.cert.CertificateException - If any of the certificates in the keystore could not be loaded.
        java.io.IOException - If there is an I/O or format problem with the keystore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException.
        java.security.UnrecoverableKeyException - If the key cannot be recovered (e.g. the given password is wrong).
        java.security.KeyStoreException
        PropException
      • getExpirationDayCount

        public int getExpirationDayCount()
        Gets the number of days before certificate expiration when a new certificate is requested from Let's Encrypt.
        Returns:
        The number of days in the range 1 to 89, default 7.
      • getExpirationDate

        public java.util.Date getExpirationDate()
        Gets the expiration date of the identity's first certificate alias.
        Returns:
        The date of expiry, or null if identity is not set or failed to load.
      • getDomain

        public java.lang.String getDomain()
        Gets the domain name.
        Returns:
        The domain name as e.g. "hello.example.com".
      • getDescription

        public java.lang.String getDescription()
        Gets the description of the port configuration.
        Returns:
        The description, or null for none.
      • getTermsOfServiceURI

        public java.lang.String getTermsOfServiceURI()
        Gets the current Terms-of-Service agreement URI.
        Returns:
        The ToS URI, or null if not received yet.
      • isAutoAcceptTermsOfServiceEnabled

        public boolean isAutoAcceptTermsOfServiceEnabled()
        Returns the auto-accept Terms-of-Service agreement flag.
        Returns:
        true for auto-acceptance, false for manual acceptance.
      • acceptTermsOfService

        public boolean acceptTermsOfService(java.lang.String uri)
        Called to accept a Terms-of-Service agreement.
        Parameters:
        uri - The ToS URI.
        Returns:
        true if changed, false for no change.
        Throws:
        java.lang.NullPointerException - If uri is null.
      • getNeedToAcceptTermsOfServiceURI

        public java.lang.String getNeedToAcceptTermsOfServiceURI()
        Gets the Terms-of-Service agreement URI that needs to be accepted.
        Returns:
        The URI, or null for none.
      • setNeedToAcceptTermsOfServiceURI

        public boolean setNeedToAcceptTermsOfServiceURI(java.lang.String uri)
        Sets the Terms-of-Service agreement URI that needs to be accepted.
        Parameters:
        uri - The URI, never null.
        Returns:
        true if changed, false for no change.
        Throws:
        java.lang.NullPointerException - If uri is null.
      • startRenewal

        public void startRenewal(ServerShell server)
        Starts the renewal processing for the server.
        Parameters:
        server - The server.
      • getRenewalInstance

        public LetsEncryptRenewal getRenewalInstance()
        Gets the certificate renewal instance.
        Returns:
        The renewal instance, or null if not started.
      • addConnectorReference

        public void addConnectorReference(PortConfig config)
        Adds a Jetty HTTP connector that references this domain.
        Parameters:
        config - The port configuration.
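
The behaviour documented for getKeyStore, getExpirationDate and getExpirationDayCount, shown as an added example that is not part of this API or of the project's code: it uses only standard JDK calls, and the class RenewalCheck, its methods and all sample values are hypothetical. It assumes an out-of-range day count falls back to the documented default of 7.

```java
import java.io.*;
import java.security.*;
import java.security.cert.X509Certificate;
import java.time.*;
import java.util.*;

// Added example: standard JDK calls only; class and method names are hypothetical.
public class RenewalCheck {
    // Loads PKCS#12 bytes; returns null when the password is wrong, which the JDK
    // reports as an IOException whose cause is an UnrecoverableKeyException.
    static KeyStore load(byte[] p12, char[] password) throws GeneralSecurityException, IOException {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new ByteArrayInputStream(p12)) {
            ks.load(in, password);
            return ks;
        } catch (IOException e) {
            if (e.getCause() instanceof UnrecoverableKeyException) return null;
            throw e; // genuine I/O or format problem
        }
    }

    // Expiry (notAfter) of the first alias holding an X.509 certificate, or null if none.
    static Date firstCertExpiry(KeyStore ks) throws KeyStoreException {
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.getCertificate(alias) instanceof X509Certificate)
                return ((X509Certificate) ks.getCertificate(alias)).getNotAfter();
        }
        return null;
    }
    // True once 'now' is inside the window of expireDays before notAfter.
    static boolean renewalDue(Date notAfter, int expireDays, Instant now) {
        if (expireDays < 1 || expireDays > 89) expireDays = 7; // assumption: fall back to default
        return !now.isBefore(notAfter.toInstant().minus(Duration.ofDays(expireDays)));
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample: an empty PKCS#12 store protected with a non-default password.
        char[] pw = "s3cret-example".toCharArray();
        KeyStore empty = KeyStore.getInstance("PKCS12");
        empty.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        empty.store(out, pw);
        byte[] p12 = out.toByteArray();
        System.out.println("default password accepted: " + (load(p12, "changeit".toCharArray()) != null));
        System.out.println("first certificate expiry: " + firstCertExpiry(load(p12, pw)));
        Date notAfter = Date.from(Instant.parse("2030-01-10T00:00:00Z")); // constructed date
        System.out.println("due on Jan 2: " + renewalDue(notAfter, 7, Instant.parse("2030-01-02T00:00:00Z")));
        System.out.println("due on Jan 4: " + renewalDue(notAfter, 7, Instant.parse("2030-01-04T00:00:00Z")));
    }
}
```

The first check doubles as an audit step: a store that opens with "changeit" is still protected only by the documented default password.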