Package com.unboundid.ldap.sdk.unboundidds.extensions

Class KeyStoreDataReplaceCertificateKeyStoreContent

java.lang.Object
com.unboundid.ldap.sdk.unboundidds.extensions.ReplaceCertificateKeyStoreContent
com.unboundid.ldap.sdk.unboundidds.extensions.KeyStoreDataReplaceCertificateKeyStoreContent
All Implemented Interfaces:
Serializable
@NotMutable @ThreadSafety(level=COMPLETELY_THREADSAFE) public final class KeyStoreDataReplaceCertificateKeyStoreContent extends ReplaceCertificateKeyStoreContent
This class provides a ReplaceCertificateKeyStoreContent implementation to indicate that the server should use a certificate key store whose content (that is, the bytes that comprise the key store file) is provided directly in the extended request.
NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.
See Also:

  • Constructor Details

    • KeyStoreDataReplaceCertificateKeyStoreContent

      public KeyStoreDataReplaceCertificateKeyStoreContent(@NotNull byte[] keyStoreData, @NotNull String keyStorePIN, @Nullable String privateKeyPIN, @Nullable String keyStoreType, @Nullable String sourceCertificateAlias)
      Creates a new instance of this key store content object with the provided information.
      Parameters:
      keyStoreData - The raw bytes that comprises the key store with the new certificate to use. It must not be null or empty.
      keyStorePIN - The PIN needed to access protected content in the key store. It must not be null or empty.
      privateKeyPIN - The PIN needed to access private key information in the key store. It may be null if the key store PIN should also be used as the private key PIN.
      keyStoreType - The key store type for the target key store. If provided, its value will likely be one of JKS, PKCS12, or BCFKS. If this is null, then the server will attempt to automatically determine the appropriate key store type.
      sourceCertificateAlias - The alias of the private key entry in the key store that contains the new certificate chain to be used. It may optionally be null if and only if the key store has only a single private key entry.

    • KeyStoreDataReplaceCertificateKeyStoreContent

      public KeyStoreDataReplaceCertificateKeyStoreContent(@NotNull File keyStoreFile, @NotNull String keyStorePIN, @Nullable String privateKeyPIN, @Nullable String keyStoreType, @Nullable String sourceCertificateAlias) throws IOException
      Creates a new instance of this key store content object with the provided information.
      Parameters:
      keyStoreFile - The local (client-side) file from which the certificate data should be read. It must not be null. and the file must exist.
      keyStorePIN - The PIN needed to access protected content in the key store. It must not be null or empty.
      privateKeyPIN - The PIN needed to access private key information in the key store. It may be null if the key store PIN should also be used as the private key PIN.
      keyStoreType - The key store type for the target key store. If provided, its value will likely be one of JKS, PKCS12, or BCFKS. If this is null, then the server will attempt to automatically determine the appropriate key store type.
      sourceCertificateAlias - The alias of the private key entry in the key store that contains the new certificate chain to be used. It may optionally be null if and only if the key store has only a single private key entry.
      Throws:
      IOException - If a problem occurs while attempting to read from the key store file.

  • Method Details

    • getKeyStoreData

      @NotNull public byte[] getKeyStoreData()
      Retrieves the raw data that comprises the key store with the new certificate to use.
      Returns:
      The raw data that comprises the key store with the new certificate to use.

    • getKeyStorePIN

      @NotNull public String getKeyStorePIN()
      Retrieves the PIN needed to access protected content in the key store.
      Returns:
      The PIN needed to access protected content in the key store.

    • getPrivateKeyPIN

      @Nullable public String getPrivateKeyPIN()
      Retrieves the PIN needed to access private key information in the key store, if available.
      Returns:
      The PIN needed to access private key information in the key store, or null if the key store PIN should also be used as the private key PIN.

    • getKeyStoreType

      @Nullable public String getKeyStoreType()
      Retrieves the key store type for the target key store, if available.
      Returns:
      The key store type for the target key store, or null if the key store type is not available and the server should attempt to automatically determine the appropriate key store type.

    • getSourceCertificateAlias

      @Nullable public String getSourceCertificateAlias()
      Retrieves the alias of the private key entry in the key store that contains the new certificate chain to be used, if available.
      Returns:
      The alias of the private key entry in the key store that contains the new certificate chain to be used, or null if no source certificate alias was provided and the key store is expected to have only a single private key entry.

    • encode

      @NotNull public ASN1Element encode()
      Encodes this key store content object to an ASN.1 element suitable for inclusion in either a replace listener certificate or replace inter-server certificate request.
      Specified by:
      encode in class ReplaceCertificateKeyStoreContent
      Returns:
      The ASN.1 element containing an encoded representation of this key store content object.

    • toString

      public void toString(@NotNull StringBuilder buffer)
      Appends a string representation of this key store content object to the provided buffer.
      Specified by:
      toString in class ReplaceCertificateKeyStoreContent
      Parameters:
      buffer - The buffer to which the encoded representation should be appended. It must not be null.