SelfSignedCertificateGenerator (java-support 7.5.2 API)

java.lang.Object
- net.shibboleth.utilities.java.support.security.SelfSignedCertificateGenerator

public class SelfSignedCertificateGenerator
extends Object

A helper class to generate self-signed keypairs.

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`private static class`	`SelfSignedCertificateGenerator.CommandLineArgs` Manages command line parsing for application and the bean properties used by the generator.
`static class`	`SelfSignedCertificateGenerator.FileConverter` Command line option conversion from String to File.

Field Summary

Fields
Modifier and Type	Field and Description
`private SelfSignedCertificateGenerator.CommandLineArgs`	`args` Container for options that can be parsed from a command line.
`private Logger`	`log` Class logger.

Constructor Summary

Constructors
Constructor and Description

SelfSignedCertificateGenerator()
Constructor.

Constructors
Constructor and Description
`SelfSignedCertificateGenerator()` Constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`protected org.bouncycastle.asn1.ASN1Encodable[]`	`buildSubjectAltNames()` Builds the subject alt names for the certificate.
`void`	`generate()` The main routine.
`protected X509Certificate`	`generateCertificate(KeyPair keypair)` Generates the self-signed certificate.
`protected KeyPair`	`generateKeyPair()` Generates the key pair for the certificate.
`static void`	`main(String[] args)` Command line entry point.
`void`	`setCertificateAlg(String alg)` Set the certificate algorithm that will be used.
`void`	`setCertificateFile(File file)` Set the file to which the certificate will be written.
`void`	`setCertificateLifetime(int lifetime)` Set the number of years for which the certificate will be valid.
`void`	`setDNSSubjectAltNames(Collection<String> altNames)` Set the optional DNS subject alt names.
`void`	`setHostName(String name)` Set the hostname that will appear in the certificate's DN.
`void`	`setKeySize(int size)` Set the size of the generated key.
`void`	`setKeystoreFile(File file)` Set the file to which the keystore will be written.
`void`	`setKeystorePassword(String password)` Set the password for the generated keystore.
`void`	`setKeystoreType(String type)` Set the type of keystore to create.
`void`	`setKeyType(String type)` Set the type of key that will be generated.
`void`	`setPrivateKeyFile(File file)` Set the file to which the private key will be written.
`void`	`setURISubjectAltNames(Collection<String> altNames)` Set the optional URI subject alt names.
`protected void`	`validate()` Validates the settings.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - log
```
@Nonnull
private Logger log
```
    Class logger.
  - args
```
@Nonnull
private final SelfSignedCertificateGenerator.CommandLineArgs args
```
    Container for options that can be parsed from a command line.
- Constructor Detail
  - SelfSignedCertificateGenerator
```
public SelfSignedCertificateGenerator()
```
    Constructor.
- Method Detail
  - setKeyType
```
public void setKeyType(@Nonnull@NotEmpty
              String type)
```
    Set the type of key that will be generated. Defaults to RSA.
    
    Parameters:
    type - type of key that will be generated
  - setKeySize
```
public void setKeySize(@Positive
              int size)
```
    Set the size of the generated key. Defaults to 2048
    
    Parameters:
    size - size of the generated key
  - setCertificateLifetime
```
public void setCertificateLifetime(@Positive
                          int lifetime)
```
    Set the number of years for which the certificate will be valid.
    
    Parameters:
    lifetime - number of years for which the certificate will be valid
  - setCertificateAlg
```
public void setCertificateAlg(@Nonnull@NotEmpty
                     String alg)
```
    Set the certificate algorithm that will be used. Defaults to SHA256withRSA.
    
    Parameters:
    alg - certificate algorithm
  - setHostName
```
public void setHostName(@Nonnull@NotEmpty
               String name)
```
    Set the hostname that will appear in the certificate's DN.
    
    Parameters:
    name - hostname that will appear in the certificate's DN
  - setPrivateKeyFile
```
public void setPrivateKeyFile(@Nullable
                     File file)
```
    Set the file to which the private key will be written.
    
    Parameters:
    file - file to which the private key will be written
  - setCertificateFile
```
public void setCertificateFile(@Nullable
                      File file)
```
    Set the file to which the certificate will be written.
    
    Parameters:
    file - file to which the certificate will be written
  - setKeystoreType
```
public void setKeystoreType(@Nonnull@NotEmpty
                   String type)
```
    Set the type of keystore to create.
    
    Parameters:
    type - keystore type
  - setKeystoreFile
```
public void setKeystoreFile(@Nullable
                   File file)
```
    Set the file to which the keystore will be written.
    
    Parameters:
    file - file to which the keystore will be written
  - setKeystorePassword
```
public void setKeystorePassword(@Nullable
                       String password)
```
    Set the password for the generated keystore.
    
    Parameters:
    password - password for the generated keystore
  - setDNSSubjectAltNames
```
public void setDNSSubjectAltNames(@Nonnull@NonnullElements
                         Collection<String> altNames)
```
    Set the optional DNS subject alt names.
    
    Parameters:
    altNames - collection of subject alt names.
  - setURISubjectAltNames
```
public void setURISubjectAltNames(@Nonnull@NonnullElements
                         Collection<String> altNames)
```
    Set the optional URI subject alt names.
    
    Parameters:
    altNames - collection of subject alt names.
  - generate
```
public void generate()
              throws Exception
```
    The main routine.
    
    Throws:
    
    Exception - if an error occurs
  - validate
```
protected void validate()
```
    Validates the settings.
  - generateKeyPair
```
@Nonnull
protected KeyPair generateKeyPair()
                           throws NoSuchAlgorithmException
```
    Generates the key pair for the certificate.
    
    Returns:
    key pair for the certificate
    
    Throws:
    
    NoSuchAlgorithmException - if there is a problem generating the keys
  - generateCertificate
```
@Nonnull
protected X509Certificate generateCertificate(@Nonnull
                                          KeyPair keypair)
                                       throws Exception
```
    Generates the self-signed certificate.
    
    Parameters:
    keypair - keypair associated with the certificate
    
    Returns:
    self-signed certificate
    
    Throws:
    
    Exception - if an error occurs
  - buildSubjectAltNames
```
@Nonnull
@NonnullElements
protected org.bouncycastle.asn1.ASN1Encodable[] buildSubjectAltNames()
```
    Builds the subject alt names for the certificate.
    
    Returns:
    subject alt names for the certificate
  - main
```
public static void main(@Nonnull
        String[] args)
                 throws Exception
```
    Command line entry point.
    
    Parameters:
    args - command line arguments
    
    Throws:
    
    Exception

Class SelfSignedCertificateGenerator

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

log

args

Constructor Detail

SelfSignedCertificateGenerator

Method Detail

setKeyType

setKeySize

setCertificateLifetime

setCertificateAlg

setHostName

setPrivateKeyFile

setCertificateFile

setKeystoreType

setKeystoreFile

setKeystorePassword

setDNSSubjectAltNames

setURISubjectAltNames

generate

validate

generateKeyPair

generateCertificate

buildSubjectAltNames

main