SelfSignedX509CertificateAndSigningKey.Builder (WildFly Elytron 1.6.7.Final API)

java.lang.Object
- org.wildfly.security.x500.cert.SelfSignedX509CertificateAndSigningKey.Builder

Enclosing class:

SelfSignedX509CertificateAndSigningKey
```
public static class SelfSignedX509CertificateAndSigningKey.Builder
extends Object
```
A Builder to configure and generate a SelfSignedX509CertificateAndSigningKey. This Builder generates a key pair and then wraps the resulting public key into a self-signed X.509 certificate.

Field Summary

Fields
Modifier and Type	Field and Description
`static int`	`DEFAULT_EC_KEY_SIZE` The default key size that will be used if the key algorithm name is EC.
`static String`	`DEFAULT_KEY_ALGORITHM_NAME` The default key algorithm name.
`static int`	`DEFAULT_KEY_SIZE` The default key size that will be used if the key algorithm name is not EC.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`SelfSignedX509CertificateAndSigningKey.Builder`	`addExtension(boolean critical, String extensionName, String extensionValue)` Add an X.509 certificate extension using the given extension name and string value.
`SelfSignedX509CertificateAndSigningKey.Builder`	`addExtension(X509CertificateExtension extension)` Add an X.509 certificate extension.
`X509CertificateExtension`	`addOrReplaceExtension(boolean critical, String extensionName, String extensionValue)` Add or replace an X.509 certificate extension.
`X509CertificateExtension`	`addOrReplaceExtension(X509CertificateExtension extension)` Add or replace an X.509 certificate extension.
`SelfSignedX509CertificateAndSigningKey`	`build()` Attempt to generate a key pair and wrap the resulting public key into a self-signed X.509 certificate.
`X509CertificateExtension`	`removeExtension(String oid)` Remove the X.509 extension with the given OID, if it is registered.
`SelfSignedX509CertificateAndSigningKey.Builder`	`setDn(X500Principal dn)` Set the DN.
`SelfSignedX509CertificateAndSigningKey.Builder`	`setKeyAlgorithmName(String keyAlgorithmName)` Set the key algorithm name to use when generating the key pair.
`SelfSignedX509CertificateAndSigningKey.Builder`	`setKeySize(int keySize)` Set the key size to use when generating the key pair.
`SelfSignedX509CertificateAndSigningKey.Builder`	`setNotValidAfter(ZonedDateTime notValidAfter)` Set the not-valid-after date.
`SelfSignedX509CertificateAndSigningKey.Builder`	`setNotValidBefore(ZonedDateTime notValidBefore)` Set the not-valid-before date.
`SelfSignedX509CertificateAndSigningKey.Builder`	`setSignatureAlgorithmName(String signatureAlgorithmName)` Set the signature algorithm name to use when signing the self-signed certificate.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_KEY_ALGORITHM_NAME
```
public static final String DEFAULT_KEY_ALGORITHM_NAME
```
    The default key algorithm name.
    
    See Also:
    
    Constant Field Values
  - DEFAULT_EC_KEY_SIZE
```
public static final int DEFAULT_EC_KEY_SIZE
```
    The default key size that will be used if the key algorithm name is EC.
    
    See Also:
    
    Constant Field Values
  - DEFAULT_KEY_SIZE
```
public static final int DEFAULT_KEY_SIZE
```
    The default key size that will be used if the key algorithm name is not EC.
    
    See Also:
    
    Constant Field Values
- Method Detail
  - setKeyAlgorithmName
```
public SelfSignedX509CertificateAndSigningKey.Builder setKeyAlgorithmName(String keyAlgorithmName)
```
    Set the key algorithm name to use when generating the key pair.
    
    Parameters:
    
    keyAlgorithmName - the key algorithm name to use when generating the key pair (must not be null)
    
    Returns:
    
    this builder instance
  - setKeySize
```
public SelfSignedX509CertificateAndSigningKey.Builder setKeySize(int keySize)
```
    Set the key size to use when generating the key pair.
    
    Parameters:
    
    keySize - the key size to use when generating the key pair
    
    Returns:
    
    this builder instance
  - setSignatureAlgorithmName
```
public SelfSignedX509CertificateAndSigningKey.Builder setSignatureAlgorithmName(String signatureAlgorithmName)
```
    Set the signature algorithm name to use when signing the self-signed certificate.
    
    Parameters:
    
    signatureAlgorithmName - the signature algorithm to use when signing the self-signed certificate (must not be null)
    
    Returns:
    
    this builder instance
  - setDn
```
public SelfSignedX509CertificateAndSigningKey.Builder setDn(X500Principal dn)
```
    Set the DN.
    
    Parameters:
    
    dn - the DN to use as both the subject DN and the issuer DN (must not be null)
    
    Returns:
    
    this builder instance
  - addExtension
```
public SelfSignedX509CertificateAndSigningKey.Builder addExtension(X509CertificateExtension extension)
                                                            throws IllegalArgumentException
```
    Add an X.509 certificate extension. If an extension with the same OID already exists, an exception is thrown.
    
    Parameters:
    
    extension - the extension to add (must not be null)
    
    Returns:
    
    this builder instance
    
    Throws:
    
    IllegalArgumentException - if an extension with the same OID has already been added
  - addExtension
```
public SelfSignedX509CertificateAndSigningKey.Builder addExtension(boolean critical,
                                                                   String extensionName,
                                                                   String extensionValue)
                                                            throws IllegalArgumentException
```
    Add an X.509 certificate extension using the given extension name and string value. If an extension with the same name already exists, an exception is thrown. The following extension names and values are supported:
    - name: BasicConstraints
      value: ca:{true|false}[,pathlen:<len>] where ca indicates whether or not the subject is a CA. If ca is true, pathlen indicates the path length constraint.
    - name: KeyUsage
      value: usage(,usage)* where value is a list of the allowed key usages, where each usage value must be one of the following (usage values are case-sensitive):
      
      digitalSignature
      
      nonRepudiation
      
      keyEncipherment
      
      dataEncipherment
      
      keyAgreement
      
      keyCertSign
      
      cRLSign
      
      encipherOnly
      
      decipherOnly
    - name: ExtendedKeyUsage
      value: usage(,usage)* where value is a list of the allowed key purposes, where each usage value must be one of the following (usage values are case-sensitive):
      
      serverAuth
      
      clientAuth
      
      codeSigning
      
      emailProtection
      
      timeStamping
      
      OCSPSigning
      
      any OID string
    - name SubjectAlternativeName
      value: type:val(,type:val)* where value is a list of type:val pairs, where type can be EMAIL, URI, DNS, IP, or OID and val is a string value for the type.
    - name: IssuerAlternativeName
      value: type:val(,type:val)* where value is a list of type:val pairs, where type can be EMAIL, URI, DNS, IP, or OID and val is a string value for the type.
    - name: AuthorityInformationAccess
      value: method:location-type:location-value(,method:location-type:location-value)* where value is a list of method:location-type:location-value triples, where method can be ocsp, caIssuers, or any OID and location-type:location-value can be any type:val pair as defined for the SubjectAlternativeName extension.
    - name: SubjectInformationAccess
      value: method:location-type:location-value(,method:location-type:location-value)* where value is a list of method:location-type:location-value triples, where method can be timeStamping, caRepository, or any OID and location-type:location-value can be any type:val pair as defined for the SubjectAlternativeName extension.
    Parameters:
    
    critical - whether the extension should be marked as critical
    
    extensionName - the extension name (must not be null)
    
    extensionValue - the extension value, as a string (must not be null)
    
    Returns:
    
    this builder instance
    
    Throws:
    
    IllegalArgumentException - if an extension with the same name has already been added or if an error occurs while attempting to add the extension
  - addOrReplaceExtension
```
public X509CertificateExtension addOrReplaceExtension(X509CertificateExtension extension)
```
    Add or replace an X.509 certificate extension. If an extension with the same OID already exists, it is replaced and returned.
    
    Parameters:
    
    extension - the extension to add (must not be null)
    
    Returns:
    
    the existing extension or null if no other extension with the same OID existed
  - addOrReplaceExtension
```
public X509CertificateExtension addOrReplaceExtension(boolean critical,
                                                      String extensionName,
                                                      String extensionValue)
```
    Add or replace an X.509 certificate extension. If an extension with the same name already exists, it is replaced and returned. See addExtension(boolean, String, String) for the supported extension names and values.
    
    Parameters:
    
    critical - whether the extension should be marked as critical
    
    extensionName - the extension name (must not be null)
    
    extensionValue - the extension value, as a string (must not be null)
    
    Returns:
    
    the existing extension or null if no other extension with the same OID existed or if an error occurs while attempting to add the extension
  - removeExtension
```
public X509CertificateExtension removeExtension(String oid)
```
    Remove the X.509 extension with the given OID, if it is registered.
    
    Parameters:
    
    oid - the OID of the extension to remove (must not be null)
    
    Returns:
    
    the extension or null if no extension with the same OID existed
  - setNotValidBefore
```
public SelfSignedX509CertificateAndSigningKey.Builder setNotValidBefore(ZonedDateTime notValidBefore)
```
    Set the not-valid-before date.
    
    Parameters:
    
    notValidBefore - the not-valid-before date (must not be null)
    
    Returns:
    
    this builder instance
  - setNotValidAfter
```
public SelfSignedX509CertificateAndSigningKey.Builder setNotValidAfter(ZonedDateTime notValidAfter)
```
    Set the not-valid-after date.
    
    Parameters:
    
    notValidAfter - the not-valid-after date (must not be null)
    
    Returns:
    
    this builder instance
  - build
```
public SelfSignedX509CertificateAndSigningKey build()
                                             throws IllegalArgumentException
```
    Attempt to generate a key pair and wrap the resulting public key into a self-signed X.509 certificate.
    
    Returns:
    
    the self-signed X.509 certificate and signing key
    
    Throws:
    
    IllegalArgumentException - if a required builder parameter is missing or invalid or if an error occurs while attempting to generate the self-signed X.509 certificate

Class SelfSignedX509CertificateAndSigningKey.Builder

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_KEY_ALGORITHM_NAME

DEFAULT_EC_KEY_SIZE

DEFAULT_KEY_SIZE

Method Detail

setKeyAlgorithmName

setKeySize

setSignatureAlgorithmName

setDn

addExtension

addExtension

addOrReplaceExtension

addOrReplaceExtension

removeExtension

setNotValidBefore

setNotValidAfter

build