Class LetsEncryptDomain

java.lang.Object
com.iizix.prop.GProp<GProp<?>[]>
com.iizix.prop.PropCnr
com.iizix.server.acme.LetsEncryptDomain
All Implemented Interfaces:
EventListener, IGProp<GProp<?>[]>, IPropCnr, Cloneable
Direct Known Subclasses:
EditorLetsEncryptDomain

public class LetsEncryptDomain extends PropCnr
Property container holding information about a Let's Encrypt domain with automatic certificate renewal in the server.
  • Field Details

  • Constructor Details

    • LetsEncryptDomain

      public LetsEncryptDomain()
      Creates the Let's Encrypt domain property container without a name. The name must be set in all cases using the setPropertyAtom call.
    • LetsEncryptDomain

      public LetsEncryptDomain(Atom atom)
      Creates the Let's Encrypt domain property container with a name.
      Parameters:
      atom - The name of the property.
  • Method Details

    • clone

      public LetsEncryptDomain clone()
      Creates a clone of this property. Subclasses override the cloning in order to handle cloning of their class variables appropriately.
      Overrides:
      clone in class PropCnr
    • onEventSelf

      public void onEventSelf(GEvent event)
      A change of the password or keystore invalidates the cached keystore.
      Specified by:
      onEventSelf in interface IGProp<GProp<?>[]>
      Overrides:
      onEventSelf in class GProp<GProp<?>[]>
      Parameters:
      event - The property event.
    • getKeyStorePassword

      public String getKeyStorePassword()
      Gets the KeyStore password.
      Returns:
      The password, "changeit" for default.
    • getKeyStore

      Gets the KeyStore from a PKCS#12 identity property and password.
      Returns:
      The configured KeyStore, or null if not defined.
      Throws:
      KeyStoreException - If no Provider supports a KeyStoreSpi implementation for the PKCS#12 type.
      NoSuchAlgorithmException - If the algorithm used to check the integrity of the KeyStore cannot be found.
      CertificateException - If any of the certificates in the KeyStore could not be loaded.
      IOException - If there is an I/O or format problem with the KeyStore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException.
    • getKeyStore

      Gets the KeyStore from a PKCS#12 identity property and password.
      Parameters:
      pwReturn - A StringBuilder instance that is filled with the password, null for none.
      Returns:
      The configured KeyStore, or null if not defined.
      Throws:
      KeyStoreException - If no Provider supports a KeyStoreSpi implementation for the PKCS#12 type.
      NoSuchAlgorithmException - If the algorithm used to check the integrity of the KeyStore cannot be found.
      CertificateException - If any of the certificates in the KeyStore could not be loaded.
      IOException - If there is an I/O or format problem with the KeyStore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException.
    • updateIdentity

      Updates the PKCS#12 identity from a file.
      Parameters:
      file - The identity file.
      password - The password, null for default "changeit".
      Returns:
      true for changed, false for no change.
      Throws:
      FileNotFoundException - If the file is not found.
      NoSuchAlgorithmException - If the algorithm used to check the integrity of the keystore cannot be found.
      CertificateException - If any of the certificates in the keystore could not be loaded.
      IOException - If there is an I/O or format problem with the keystore data, if a password is required but not given, or if the given password was incorrect. If the error is due to a wrong password, the cause of the IOException should be an UnrecoverableKeyException.
      UnrecoverableKeyException - If the key cannot be recovered (e.g. the given password is wrong).
      KeyStoreException
      PropException
    • getExpirationDayCount

      public int getExpirationDayCount()
      Gets the number of days before certificate expiration when a new certificate is requested from Let's Encrypt.
      Returns:
      The number of days in the range 1 to 89, default 7.
    • getExpirationDate

      public Date getExpirationDate()
      Gets the expiration date of the identity's first certificate alias.
      Returns:
      The date of expiry, or null if identity is not set or failed to load.
    • getDomain

      public String getDomain()
      Gets the domain name.
      Returns:
      The domain name as e.g. "hello.example.com".
    • getDescription

      public String getDescription()
      Gets the description of the Let's Encrypt domain configuration.
      Returns:
      The description, or null for none.
    • getChallengeType

      public LetsEncrypt.Type getChallengeType()
      Gets the type of challenge: HTTP or DNS.
      Returns:
      The challenge type, default is LetsEncrypt.Type.HTTP.
    • getTermsOfServiceURI

      public String getTermsOfServiceURI()
      Gets the current Terms-of-Service agreement URI.
      Returns:
      The ToS URI, or null if not received yet.
    • isAutoAcceptTermsOfServiceEnabled

      public boolean isAutoAcceptTermsOfServiceEnabled()
      Returns the auto-accept Terms-of-Service agreement flag.
      Returns:
      true for auto-acceptance, false for manual acceptance.
    • acceptTermsOfService

      public boolean acceptTermsOfService(String uri)
      Called to accept a Terms-of-Service agreement.
      Parameters:
      uri - The ToS URI.
      Returns:
      true if changed, false for no change.
      Throws:
      NullPointerException - If uri is null.
    • getNeedToAcceptTermsOfServiceURI

      public String getNeedToAcceptTermsOfServiceURI()
      Gets the Terms-of-Service agreement URI that needs to be accepted.
      Returns:
      The URI, or null for none.
    • setNeedToAcceptTermsOfServiceURI

      public boolean setNeedToAcceptTermsOfServiceURI(String uri)
      Sets the Terms-of-Service agreement URI that needs to be accepted.
      Parameters:
      uri - The URI, never null.
      Returns:
      true if changed, false for no change.
      Throws:
      NullPointerException - If uri is null.
    • startRenewal

      public void startRenewal(ServerShell server)
      Starts the renewal processing for the server.
      Parameters:
      server - The server.
    • getRenewalInstance

      public LetsEncryptRenewal getRenewalInstance()
      Gets the certificate renewal instance.
      Returns:
      The renewal instance, or null if not started.
    • addConnectorReference

      public void addConnectorReference(PortConfig config)
      Adds a Jetty HTTP connector that references this domain.
      Parameters:
      config - The port configuration.
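
An added example, not iiziX code and not part of this API: it uses only the standard java.security.KeyStore class to show the wrong-password case documented for getKeyStore and updateIdentity, where the IOException carries an UnrecoverableKeyException cause, and how to tell it apart from a malformed file. The class name Pkcs12LoadCheck, the Result enum and the sample password are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;

// Hypothetical helper class; standard JDK calls only.
public class Pkcs12LoadCheck {
    enum Result { OK, WRONG_PASSWORD, BAD_FORMAT }

    // Classifies a PKCS#12 load attempt as the Throws clauses describe:
    // a wrong password surfaces as an IOException whose cause is an
    // UnrecoverableKeyException; any other IOException is an I/O or format problem.
    static Result tryLoad(byte[] p12, char[] password) throws GeneralSecurityException {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try {
            ks.load(new ByteArrayInputStream(p12), password);
            return Result.OK;
        } catch (IOException e) {
            return e.getCause() instanceof UnrecoverableKeyException
                    ? Result.WRONG_PASSWORD
                    : Result.BAD_FORMAT;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: an empty PKCS#12 store written in memory and
        // protected by a password that is not the "changeit" default.
        char[] real = "constructed-sample-pw".toCharArray();
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, real);
        byte[] p12 = out.toByteArray();

        // Same bytes, three load attempts: right password, the default, a damaged copy.
        byte[] truncated = Arrays.copyOf(p12, p12.length / 2);
        System.out.println("correct password: " + tryLoad(p12, real));
        System.out.println("default password: " + tryLoad(p12, "changeit".toCharArray()));
        System.out.println("truncated file:   " + tryLoad(truncated, real));
    }
}
```

Keeping the two failure classes apart lets a renewal job report a mis-set password differently from a damaged identity file.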