SecretsKeyManager (OpenAM Server Only 7.5.0 Documentation)

java.lang.Object

javax.net.ssl.X509ExtendedKeyManager

org.forgerock.secrets.SecretsKeyManager

All Implemented Interfaces:: KeyManager, X509KeyManager

public class SecretsKeyManager extends X509ExtendedKeyManager

An X509ExtendedKeyManager implementation that gets keys and certificates from a SecretsProvider. This implementation ensures that updates to the secrets are reflected in the keys and certificates available from the key manager. Use SecretsProvider.getKeyManager(Purpose, org.forgerock.util.Options) to obtain a copy of this key manager.

Field Summary

Fields

Modifier and Type

Field

Description

static final Option<String>

KEY_MANAGER_ALGORITHM

The algorithm of the underlying X509ExtendedKeyManager implementation to use.
Method Summary

Modifier and Type

Method

Description

String

chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket)

String

chooseEngineClientAlias(String[] keyTypes, Principal[] issuers, SSLEngine sslEngine)

String

chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine sslEngine)

String

chooseServerAlias(String keyType, Principal[] issuers, Socket socket)

X509Certificate[]

getCertificateChain(String alias)

String[]

getClientAliases(String keyType, Principal[] issuers)

PrivateKey

getPrivateKey(String alias)

String[]

getServerAliases(String keyType, Principal[] issuers)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- KEY_MANAGER_ALGORITHM
  
  public static final Option<String> KEY_MANAGER_ALGORITHM
  
  The algorithm of the underlying X509ExtendedKeyManager implementation to use.
Method Details
- chooseEngineClientAlias
  
  public String chooseEngineClientAlias(String[] keyTypes, Principal[] issuers, SSLEngine sslEngine)
  
  Overrides:
  
  chooseEngineClientAlias in class X509ExtendedKeyManager
- chooseEngineServerAlias
  
  public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine sslEngine)
  
  Overrides:
  
  chooseEngineServerAlias in class X509ExtendedKeyManager
- getClientAliases
  
  public String[] getClientAliases(String keyType, Principal[] issuers)
- chooseClientAlias
  
  public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket)
- getServerAliases
  
  public String[] getServerAliases(String keyType, Principal[] issuers)
- chooseServerAlias
  
  public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
- getCertificateChain
  
  public X509Certificate[] getCertificateChain(String alias)
- getPrivateKey
  
  public PrivateKey getPrivateKey(String alias)